diff --git a/Sources/Web5/Crypto/Algorithms/Ed25519.swift b/Sources/Web5/Crypto/Algorithms/Ed25519.swift new file mode 100644 index 0000000..91fb924 --- /dev/null +++ b/Sources/Web5/Crypto/Algorithms/Ed25519.swift @@ -0,0 +1,115 @@ +import CryptoKit +import Foundation + +/// Cryptographic operations using the Edwards-curve Digital Signature Algorithm (EdDSA) +/// with the Ed25519 elliptic curve +public enum Ed25519: AsymmetricKeyGenerator, Signer { + + enum Error: Swift.Error { + case invalidPrivateJwk + case invalidPublicJwk + } + + public static func generatePrivateKey() throws -> Jwk { + return try Curve25519.Signing.PrivateKey().jwk() + } + + public static func computePublicKey(privateKey: Jwk) throws -> Jwk { + let privateKey = try Curve25519.Signing.PrivateKey(privateJwk: privateKey) + return try privateKey.publicKey.jwk() + } + + public static func privateKeyToBytes(_ privateKey: Jwk) throws -> Data { + let privateKey = try Curve25519.Signing.PrivateKey(privateJwk: privateKey) + return privateKey.rawRepresentation + } + + public static func privateKeyFromBytes(_ bytes: Data) throws -> Jwk { + return try Curve25519.Signing.PrivateKey(rawRepresentation: bytes).jwk() + } + + public static func publicKeyToBytes(_ publicKey: Jwk) throws -> Data { + let publicKey = try Curve25519.Signing.PublicKey(publicJwk: publicKey) + return publicKey.rawRepresentation + } + + public static func publicKeyFromBytes(_ bytes: Data) throws -> Jwk { + return try Curve25519.Signing.PublicKey(rawRepresentation: bytes).jwk() + } + + public static func sign(payload: D, privateKey: Jwk) throws -> Data where D: DataProtocol { + let privateKey = try Curve25519.Signing.PrivateKey(privateJwk: privateKey) + return try privateKey.signature(for: payload) + } + + public static func verify(payload: P, signature: S, publicKey: Jwk) throws -> Bool + where P: DataProtocol, S: DataProtocol { + let publicKey = try Curve25519.Signing.PublicKey(publicJwk: publicKey) + return publicKey.isValidSignature(signature, for: payload) + } + + public static func isValidPrivateKey(_ privateKey: Jwk) -> Bool { + let privateKey = try? Curve25519.Signing.PrivateKey(privateJwk: privateKey) + return privateKey != nil + } + + public static func isValidPublicKey(_ publicKey: Jwk) -> Bool { + let publicKey = try? Curve25519.Signing.PublicKey(publicJwk: publicKey) + return publicKey != nil + } +} + +// MARK: - Curve25519 Extensions + +extension Curve25519.Signing.PrivateKey { + + init(privateJwk: Jwk) throws { + guard + privateJwk.keyType == .octetKeyPair, + privateJwk.algorithm == .eddsa || privateJwk.curve == .ed25519, + privateJwk.y == nil, + let d = privateJwk.d + else { + throw Ed25519.Error.invalidPrivateJwk + } + + try self.init(rawRepresentation: d.decodeBase64Url()) + } + + func jwk() throws -> Jwk { + var jwk = try publicKey.jwk() + jwk.d = rawRepresentation.base64UrlEncodedString() + return jwk + } + +} + +extension Curve25519.Signing.PublicKey { + + init(publicJwk: Jwk) throws { + guard + publicJwk.keyType == .octetKeyPair, + publicJwk.algorithm == .eddsa || publicJwk.curve == .ed25519, + publicJwk.y == nil, + publicJwk.d == nil, + let x = publicJwk.x + else { + throw Ed25519.Error.invalidPublicJwk + } + + try self.init(rawRepresentation: x.decodeBase64Url()) + } + + func jwk() throws -> Jwk { + var jwk = Jwk( + keyType: .octetKeyPair, + algorithm: .eddsa, + curve: .ed25519, + x: rawRepresentation.base64UrlEncodedString() + ) + jwk.keyID = try jwk.thumbprint() + + return jwk + } + +} diff --git a/Sources/Web5/Crypto/DigitalSignatureAlgorithms/ECDSA+Es256k.swift b/Sources/Web5/Crypto/Algorithms/Secp256k1.swift similarity index 57% rename from Sources/Web5/Crypto/DigitalSignatureAlgorithms/ECDSA+Es256k.swift rename to Sources/Web5/Crypto/Algorithms/Secp256k1.swift index 969bea3..95fbe43 100644 --- a/Sources/Web5/Crypto/DigitalSignatureAlgorithms/ECDSA+Es256k.swift +++ b/Sources/Web5/Crypto/Algorithms/Secp256k1.swift @@ -1,73 +1,70 @@ import Foundation import secp256k1 -extension ECDSA { +/// Crypto operations using the Elliptic Curve Digital Signature Algorithm (ECDSA) +/// with the secp256k1 elliptic curve and SHA-256 +public enum Secp256k1: AsymmetricKeyGenerator, Signer { - /// Crypto operations using the Elliptic Curve Digital Signature Algorithm (ECDSA) - /// with the secp256k1 elliptic curve and SHA-256 - public enum Es256k: AsymmetricKeyGenerator, Signer { - - public static func generatePrivateKey() throws -> Jwk { - return try secp256k1.Signing.PrivateKey().jwk() - } + public static func generatePrivateKey() throws -> Jwk { + return try secp256k1.Signing.PrivateKey().jwk() + } - public static func computePublicKey(privateKey: Jwk) throws -> Jwk { - let privateKey = try secp256k1.Signing.PrivateKey(privateJwk: privateKey) - return try privateKey.publicKey.jwk() - } + public static func computePublicKey(privateKey: Jwk) throws -> Jwk { + let privateKey = try secp256k1.Signing.PrivateKey(privateJwk: privateKey) + return try privateKey.publicKey.jwk() + } - public static func privateKeyToBytes(_ privateKey: Jwk) throws -> Data { - let privateKey = try secp256k1.Signing.PrivateKey(privateJwk: privateKey) - return privateKey.dataRepresentation - } + public static func privateKeyToBytes(_ privateKey: Jwk) throws -> Data { + let privateKey = try secp256k1.Signing.PrivateKey(privateJwk: privateKey) + return privateKey.dataRepresentation + } - public static func privateKeyFromBytes(_ bytes: Data) throws -> Jwk { - return try secp256k1.Signing.PrivateKey(dataRepresentation: bytes).jwk() - } + public static func privateKeyFromBytes(_ bytes: Data) throws -> Jwk { + return try secp256k1.Signing.PrivateKey(dataRepresentation: bytes).jwk() + } - public static func publicKeyToBytes(_ publicKey: Jwk) throws -> Data { - let publicKey = try secp256k1.Signing.PublicKey(publicJwk: publicKey) - return publicKey.uncompressedBytes() - } + public static func publicKeyToBytes(_ publicKey: Jwk) throws -> Data { + let publicKey = try secp256k1.Signing.PublicKey(publicJwk: publicKey) + return publicKey.uncompressedBytes() + } - public static func publicKeyFromBytes(_ bytes: Data) throws -> Jwk { - return try secp256k1.Signing.PublicKey( - dataRepresentation: bytes, - format: bytes.count == secp256k1.Signing.PublicKey.Constants.compressedKeySize - ? .compressed - : .uncompressed - ).jwk() - } + public static func publicKeyFromBytes(_ bytes: Data) throws -> Jwk { + return try secp256k1.Signing.PublicKey( + dataRepresentation: bytes, + format: bytes.count == secp256k1.Signing.PublicKey.Constants.compressedKeySize + ? .compressed + : .uncompressed + ).jwk() + } - public static func sign(payload: D, privateKey: Jwk) throws -> Data where D: DataProtocol { - let privateKey = try secp256k1.Signing.PrivateKey(privateJwk: privateKey) - return try privateKey.signature(for: payload).compactRepresentation - } + public static func sign(payload: D, privateKey: Jwk) throws -> Data where D: DataProtocol { + let privateKey = try secp256k1.Signing.PrivateKey(privateJwk: privateKey) + return try privateKey.signature(for: payload).compactRepresentation + } - public static func verify(payload: P, signature: S, publicKey: Jwk) throws -> Bool - where P: DataProtocol, S: DataProtocol { - let publicKey = try secp256k1.Signing.PublicKey(publicJwk: publicKey) - let ecdsaSignature = try secp256k1.Signing.ECDSASignature(compactRepresentation: signature) - let normalizedSignature = try ecdsaSignature.normalized() + public static func verify(payload: P, signature: S, publicKey: Jwk) throws -> Bool + where P: DataProtocol, S: DataProtocol { + let publicKey = try secp256k1.Signing.PublicKey(publicJwk: publicKey) + let ecdsaSignature = try secp256k1.Signing.ECDSASignature(compactRepresentation: signature) + let normalizedSignature = try ecdsaSignature.normalized() - return publicKey.isValidSignature(normalizedSignature, for: payload) - } + return publicKey.isValidSignature(normalizedSignature, for: payload) + } - public static func isValidPrivateKey(_ privateKey: Jwk) -> Bool { - let privateKey = try? secp256k1.Signing.PrivateKey(privateJwk: privateKey) - return privateKey != nil - } + public static func isValidPrivateKey(_ privateKey: Jwk) -> Bool { + let privateKey = try? secp256k1.Signing.PrivateKey(privateJwk: privateKey) + return privateKey != nil + } - public static func isValidPublicKey(_ publicKey: Jwk) -> Bool { - let publicKey = try? secp256k1.Signing.PublicKey(publicJwk: publicKey) - return publicKey != nil - } + public static func isValidPublicKey(_ publicKey: Jwk) -> Bool { + let publicKey = try? secp256k1.Signing.PublicKey(publicJwk: publicKey) + return publicKey != nil + } - /// Errors thrown by `ECDSA.Es256k` - enum Error: Swift.Error { - case invalidPrivateJwk - case invalidPublicJwk - } + /// Errors thrown by `Secp256k1` + enum Error: Swift.Error { + case invalidPrivateJwk + case invalidPublicJwk } } @@ -81,7 +78,7 @@ extension secp256k1.Signing.PrivateKey { privateJwk.algorithm == .es256k || privateJwk.curve == .secp256k1, let d = privateJwk.d else { - throw ECDSA.Es256k.Error.invalidPrivateJwk + throw Secp256k1.Error.invalidPrivateJwk } try self.init(dataRepresentation: d.decodeBase64Url()) @@ -122,7 +119,7 @@ extension secp256k1.Signing.PublicKey { let x = publicJwk.x, let y = publicJwk.y else { - throw ECDSA.Es256k.Error.invalidPublicJwk + throw Secp256k1.Error.invalidPublicJwk } var data = Data() @@ -131,7 +128,7 @@ extension secp256k1.Signing.PublicKey { data.append(contentsOf: try y.decodeBase64Url()) guard data.count == Constants.uncompressedKeySize else { - throw ECDSA.Es256k.Error.invalidPublicJwk + throw Secp256k1.Error.invalidPublicJwk } try self.init(dataRepresentation: data, format: .uncompressed) diff --git a/Sources/Web5/Crypto/Crypto.swift b/Sources/Web5/Crypto/Crypto.swift index 3e1a354..9817e80 100644 --- a/Sources/Web5/Crypto/Crypto.swift +++ b/Sources/Web5/Crypto/Crypto.swift @@ -138,7 +138,7 @@ extension CryptoAlgorithm { algorithm = .ed25519 } case .es256k: - algorithm = .es256k + algorithm = .secp256k1 } } else { // If no JWS algorithm was provided, use the public key alone to determine the `CryptoAlgorithm` @@ -166,10 +166,10 @@ extension CryptoAlgorithm { /// `Signer` associated with the `CryptoAlgorithm` fileprivate var signer: Signer.Type? { switch self { - case .es256k: - return ECDSA.Es256k.self + case .secp256k1: + return Secp256k1.self case .ed25519: - return EdDSA.Ed25519.self + return Ed25519.self } } @@ -181,10 +181,10 @@ extension CryptoAlgorithm { /// `AsymmetricKeyGenerator` associated with the `CryptoAlgorithm` fileprivate var asymmetricKeyGenerator: AsymmetricKeyGenerator.Type? { switch self { - case .es256k: - return ECDSA.Es256k.self + case .secp256k1: + return Secp256k1.self case .ed25519: - return EdDSA.Ed25519.self + return Ed25519.self } } } diff --git a/Sources/Web5/Crypto/CryptoAlgorithm.swift b/Sources/Web5/Crypto/CryptoAlgorithm.swift index 577b360..a48f192 100644 --- a/Sources/Web5/Crypto/CryptoAlgorithm.swift +++ b/Sources/Web5/Crypto/CryptoAlgorithm.swift @@ -6,5 +6,5 @@ public enum CryptoAlgorithm: CaseIterable { /// EdDSA using the Ed25519 curve case ed25519 /// ECDSA using the secp256k1 curve and SHA-256 - case es256k + case secp256k1 } diff --git a/Sources/Web5/Crypto/DigitalSignatureAlgorithms/ECDSA.swift b/Sources/Web5/Crypto/DigitalSignatureAlgorithms/ECDSA.swift deleted file mode 100644 index 81db071..0000000 --- a/Sources/Web5/Crypto/DigitalSignatureAlgorithms/ECDSA.swift +++ /dev/null @@ -1,4 +0,0 @@ -import Foundation - -/// Elliptic Curve Digital Signature Algorithm (ECDSA) -public enum ECDSA {} diff --git a/Sources/Web5/Crypto/DigitalSignatureAlgorithms/EdDSA+Ed25519.swift b/Sources/Web5/Crypto/DigitalSignatureAlgorithms/EdDSA+Ed25519.swift deleted file mode 100644 index e6a4874..0000000 --- a/Sources/Web5/Crypto/DigitalSignatureAlgorithms/EdDSA+Ed25519.swift +++ /dev/null @@ -1,118 +0,0 @@ -import CryptoKit -import Foundation - -extension EdDSA { - - /// Cryptographic operations using the Edwards-curve Digital Signature Algorithm (EdDSA) - /// with the Ed25519 elliptic curve - public enum Ed25519: AsymmetricKeyGenerator, Signer { - - enum Error: Swift.Error { - case invalidPrivateJwk - case invalidPublicJwk - } - - public static func generatePrivateKey() throws -> Jwk { - return try Curve25519.Signing.PrivateKey().jwk() - } - - public static func computePublicKey(privateKey: Jwk) throws -> Jwk { - let privateKey = try Curve25519.Signing.PrivateKey(privateJwk: privateKey) - return try privateKey.publicKey.jwk() - } - - public static func privateKeyToBytes(_ privateKey: Jwk) throws -> Data { - let privateKey = try Curve25519.Signing.PrivateKey(privateJwk: privateKey) - return privateKey.rawRepresentation - } - - public static func privateKeyFromBytes(_ bytes: Data) throws -> Jwk { - return try Curve25519.Signing.PrivateKey(rawRepresentation: bytes).jwk() - } - - public static func publicKeyToBytes(_ publicKey: Jwk) throws -> Data { - let publicKey = try Curve25519.Signing.PublicKey(publicJwk: publicKey) - return publicKey.rawRepresentation - } - - public static func publicKeyFromBytes(_ bytes: Data) throws -> Jwk { - return try Curve25519.Signing.PublicKey(rawRepresentation: bytes).jwk() - } - - public static func sign(payload: D, privateKey: Jwk) throws -> Data where D: DataProtocol { - let privateKey = try Curve25519.Signing.PrivateKey(privateJwk: privateKey) - return try privateKey.signature(for: payload) - } - - public static func verify(payload: P, signature: S, publicKey: Jwk) throws -> Bool - where P: DataProtocol, S: DataProtocol { - let publicKey = try Curve25519.Signing.PublicKey(publicJwk: publicKey) - return publicKey.isValidSignature(signature, for: payload) - } - - public static func isValidPrivateKey(_ privateKey: Jwk) -> Bool { - let privateKey = try? Curve25519.Signing.PrivateKey(privateJwk: privateKey) - return privateKey != nil - } - - public static func isValidPublicKey(_ publicKey: Jwk) -> Bool { - let publicKey = try? Curve25519.Signing.PublicKey(publicJwk: publicKey) - return publicKey != nil - } - } -} - -// MARK: - Curve25519 Extensions - -extension Curve25519.Signing.PrivateKey { - - init(privateJwk: Jwk) throws { - guard - privateJwk.keyType == .octetKeyPair, - privateJwk.algorithm == .eddsa || privateJwk.curve == .ed25519, - privateJwk.y == nil, - let d = privateJwk.d - else { - throw EdDSA.Ed25519.Error.invalidPrivateJwk - } - - try self.init(rawRepresentation: d.decodeBase64Url()) - } - - func jwk() throws -> Jwk { - var jwk = try publicKey.jwk() - jwk.d = rawRepresentation.base64UrlEncodedString() - return jwk - } - -} - -extension Curve25519.Signing.PublicKey { - - init(publicJwk: Jwk) throws { - guard - publicJwk.keyType == .octetKeyPair, - publicJwk.algorithm == .eddsa || publicJwk.curve == .ed25519, - publicJwk.y == nil, - publicJwk.d == nil, - let x = publicJwk.x - else { - throw EdDSA.Ed25519.Error.invalidPublicJwk - } - - try self.init(rawRepresentation: x.decodeBase64Url()) - } - - func jwk() throws -> Jwk { - var jwk = Jwk( - keyType: .octetKeyPair, - algorithm: .eddsa, - curve: .ed25519, - x: rawRepresentation.base64UrlEncodedString() - ) - jwk.keyID = try jwk.thumbprint() - - return jwk - } - -} diff --git a/Sources/Web5/Crypto/DigitalSignatureAlgorithms/EdDSA.swift b/Sources/Web5/Crypto/DigitalSignatureAlgorithms/EdDSA.swift deleted file mode 100644 index f4eee7f..0000000 --- a/Sources/Web5/Crypto/DigitalSignatureAlgorithms/EdDSA.swift +++ /dev/null @@ -1,4 +0,0 @@ -import Foundation - -/// Edwards-curve Digital Signature Algorithm (EdDSA) -public enum EdDSA {} diff --git a/Tests/Web5TestVectors/Web5TestVectorsCryptoEd25519.swift b/Tests/Web5TestVectors/Web5TestVectorsCryptoEd25519.swift index 640552d..e1d2396 100644 --- a/Tests/Web5TestVectors/Web5TestVectorsCryptoEd25519.swift +++ b/Tests/Web5TestVectors/Web5TestVectorsCryptoEd25519.swift @@ -19,7 +19,7 @@ final class Web5TestVectorsCryptoEd25519: XCTestCase { testVector.run { vector in let vectorBlock = { - let signature = try EdDSA.Ed25519.sign( + let signature = try Ed25519.sign( payload: try XCTUnwrap(Data.fromHexString(vector.input.data)), privateKey: vector.input.key ) @@ -30,16 +30,16 @@ final class Web5TestVectorsCryptoEd25519: XCTestCase { // // Because of this, the signature we just generated will NOT be the same as the vector's output, // but both will be valid signatures. - let isVectorOutputSignatureValid = try EdDSA.Ed25519.verify( + let isVectorOutputSignatureValid = try Ed25519.verify( payload: try XCTUnwrap(Data.fromHexString(vector.input.data)), signature: try XCTUnwrap(Data.fromHexString(try XCTUnwrap(vector.output))), - publicKey: try EdDSA.Ed25519.computePublicKey(privateKey: vector.input.key) + publicKey: try Ed25519.computePublicKey(privateKey: vector.input.key) ) - let isGeneratedSignatureValid = try EdDSA.Ed25519.verify( + let isGeneratedSignatureValid = try Ed25519.verify( payload: try XCTUnwrap(Data.fromHexString(vector.input.data)), signature: signature, - publicKey: try EdDSA.Ed25519.computePublicKey(privateKey: vector.input.key) + publicKey: try Ed25519.computePublicKey(privateKey: vector.input.key) ) XCTAssertTrue(isVectorOutputSignatureValid) @@ -71,7 +71,7 @@ final class Web5TestVectorsCryptoEd25519: XCTestCase { testVector.run { vector in let vectorBlock = { - let isValid = try EdDSA.Ed25519.verify( + let isValid = try Ed25519.verify( payload: try XCTUnwrap(Data.fromHexString(vector.input.data)), signature: try XCTUnwrap(Data.fromHexString(vector.input.signature)), publicKey: vector.input.key diff --git a/Tests/Web5TestVectors/Web5TestVectorsCryptoEs256k.swift b/Tests/Web5TestVectors/Web5TestVectorsCryptoEs256k.swift index 2120971..265408f 100644 --- a/Tests/Web5TestVectors/Web5TestVectorsCryptoEs256k.swift +++ b/Tests/Web5TestVectors/Web5TestVectorsCryptoEs256k.swift @@ -19,7 +19,7 @@ final class Web5TestVectorsCryptoEs256k: XCTestCase { testVector.run { vector in let vectorBlock = { - let signature = try ECDSA.Es256k.sign( + let signature = try Secp256k1.sign( payload: try XCTUnwrap(Data.fromHexString(vector.input.data)), privateKey: vector.input.key ) @@ -49,7 +49,7 @@ final class Web5TestVectorsCryptoEs256k: XCTestCase { testVector.run { vector in let vectorBlock = { - let result = try ECDSA.Es256k.verify( + let result = try Secp256k1.verify( payload: try XCTUnwrap(Data.fromHexString(vector.input.data)), signature: try XCTUnwrap(Data.fromHexString(vector.input.signature)), publicKey: vector.input.key diff --git a/Tests/Web5Tests/Crypto/DigitalSignatureAlgorithms/EdDSA+Ed25519Tests.swift b/Tests/Web5Tests/Crypto/Algorithms/Ed25519Tests.swift similarity index 54% rename from Tests/Web5Tests/Crypto/DigitalSignatureAlgorithms/EdDSA+Ed25519Tests.swift rename to Tests/Web5Tests/Crypto/Algorithms/Ed25519Tests.swift index 7064165..3acd725 100644 --- a/Tests/Web5Tests/Crypto/DigitalSignatureAlgorithms/EdDSA+Ed25519Tests.swift +++ b/Tests/Web5Tests/Crypto/Algorithms/Ed25519Tests.swift @@ -3,12 +3,12 @@ import XCTest @testable import Web5 -final class EdDSA_Ed25519Tests: XCTestCase { +final class Ed25519Tests: XCTestCase { let payload = "Hello, World!".data(using: .utf8)! func test_generateKey() throws { - let privateKey = try EdDSA.Ed25519.generatePrivateKey() + let privateKey = try Ed25519.generatePrivateKey() XCTAssertEqual(privateKey.keyType, .octetKeyPair) XCTAssertEqual(privateKey.curve, .ed25519) @@ -23,8 +23,8 @@ final class EdDSA_Ed25519Tests: XCTestCase { } func test_computePublicKey() throws { - let privateKey = try EdDSA.Ed25519.generatePrivateKey() - let publicKey = try EdDSA.Ed25519.computePublicKey(privateKey: privateKey) + let privateKey = try Ed25519.generatePrivateKey() + let publicKey = try Ed25519.computePublicKey(privateKey: privateKey) XCTAssertEqual(publicKey.keyType, .octetKeyPair) XCTAssertEqual(publicKey.curve, .ed25519) @@ -41,48 +41,48 @@ final class EdDSA_Ed25519Tests: XCTestCase { } func test_privateKey_toAndFromBytes() throws { - let privateKey = try EdDSA.Ed25519.generatePrivateKey() - let privateKeyBytes = try EdDSA.Ed25519.privateKeyToBytes(privateKey) - let restoredPrivateKey = try EdDSA.Ed25519.privateKeyFromBytes(privateKeyBytes) + let privateKey = try Ed25519.generatePrivateKey() + let privateKeyBytes = try Ed25519.privateKeyToBytes(privateKey) + let restoredPrivateKey = try Ed25519.privateKeyFromBytes(privateKeyBytes) XCTAssertNoDifference(privateKey, restoredPrivateKey) } func test_publicKey_toAndFromBytes() throws { - let privateKey = try EdDSA.Ed25519.generatePrivateKey() - let publicKey = try EdDSA.Ed25519.computePublicKey(privateKey: privateKey) - let publicKeyBytes = try EdDSA.Ed25519.publicKeyToBytes(publicKey) - let restoredPublicKey = try EdDSA.Ed25519.publicKeyFromBytes(publicKeyBytes) + let privateKey = try Ed25519.generatePrivateKey() + let publicKey = try Ed25519.computePublicKey(privateKey: privateKey) + let publicKeyBytes = try Ed25519.publicKeyToBytes(publicKey) + let restoredPublicKey = try Ed25519.publicKeyFromBytes(publicKeyBytes) XCTAssertNoDifference(publicKey, restoredPublicKey) } func test_sign() throws { - let privateKey = try EdDSA.Ed25519.generatePrivateKey() - let signature = try EdDSA.Ed25519.sign(payload: payload, privateKey: privateKey) + let privateKey = try Ed25519.generatePrivateKey() + let signature = try Ed25519.sign(payload: payload, privateKey: privateKey) // Signatures should always be 64 bytes in length XCTAssertEqual(signature.count, 64) } func test_sign_errorsWhenPrivateKeyFromAnotherAlgorithm() throws { - let es256kPrivateKey = try ECDSA.Es256k.generatePrivateKey() - XCTAssertThrowsError(try EdDSA.Ed25519.sign(payload: payload, privateKey: es256kPrivateKey)) + let secp256k1PrivateKey = try Secp256k1.generatePrivateKey() + XCTAssertThrowsError(try Ed25519.sign(payload: payload, privateKey: secp256k1PrivateKey)) } func test_verify() throws { - let privateKey = try EdDSA.Ed25519.generatePrivateKey() - let publickey = try EdDSA.Ed25519.computePublicKey(privateKey: privateKey) - let signature = try EdDSA.Ed25519.sign(payload: payload, privateKey: privateKey) - let isValid = try EdDSA.Ed25519.verify(payload: payload, signature: signature, publicKey: publickey) + let privateKey = try Ed25519.generatePrivateKey() + let publickey = try Ed25519.computePublicKey(privateKey: privateKey) + let signature = try Ed25519.sign(payload: payload, privateKey: privateKey) + let isValid = try Ed25519.verify(payload: payload, signature: signature, publicKey: publickey) XCTAssertTrue(isValid) } func test_verify_invalidWhenPayloadMutated() throws { - let privateKey = try EdDSA.Ed25519.generatePrivateKey() - let publickey = try EdDSA.Ed25519.computePublicKey(privateKey: privateKey) - let signature = try EdDSA.Ed25519.sign(payload: payload, privateKey: privateKey) + let privateKey = try Ed25519.generatePrivateKey() + let publickey = try Ed25519.computePublicKey(privateKey: privateKey) + let signature = try Ed25519.sign(payload: payload, privateKey: privateKey) // Make a copy and flip the least significant bit of the payload var mutatedPayload = payload @@ -90,21 +90,21 @@ final class EdDSA_Ed25519Tests: XCTestCase { // Verification should return false, as the verified payload does not // match the payload used to generate the signature - let isValid = try EdDSA.Ed25519.verify(payload: mutatedPayload, signature: signature, publicKey: publickey) + let isValid = try Ed25519.verify(payload: mutatedPayload, signature: signature, publicKey: publickey) XCTAssertFalse(isValid) } func test_verify_invalidWhenSignatureMutated() throws { - let privateKey = try EdDSA.Ed25519.generatePrivateKey() - let publickey = try EdDSA.Ed25519.computePublicKey(privateKey: privateKey) - let signature = try EdDSA.Ed25519.sign(payload: payload, privateKey: privateKey) + let privateKey = try Ed25519.generatePrivateKey() + let publickey = try Ed25519.computePublicKey(privateKey: privateKey) + let signature = try Ed25519.sign(payload: payload, privateKey: privateKey) // Make a copy and flip the least significant bit of the signature var mutatedSignature = signature mutatedSignature[0] ^= 1 << 0 // Verification should return false, as the signature for the payload has been mutated - let isValid = try EdDSA.Ed25519.verify(payload: payload, signature: mutatedSignature, publicKey: publickey) + let isValid = try Ed25519.verify(payload: payload, signature: mutatedSignature, publicKey: publickey) XCTAssertFalse(isValid) } } diff --git a/Tests/Web5Tests/Crypto/DigitalSignatureAlgorithms/ECDSA+Es256kTests.swift b/Tests/Web5Tests/Crypto/Algorithms/Secp256k1Tests.swift similarity index 51% rename from Tests/Web5Tests/Crypto/DigitalSignatureAlgorithms/ECDSA+Es256kTests.swift rename to Tests/Web5Tests/Crypto/Algorithms/Secp256k1Tests.swift index 535d790..945bac4 100644 --- a/Tests/Web5Tests/Crypto/DigitalSignatureAlgorithms/ECDSA+Es256kTests.swift +++ b/Tests/Web5Tests/Crypto/Algorithms/Secp256k1Tests.swift @@ -3,12 +3,12 @@ import XCTest @testable import Web5 -final class ECDSA_Es256kTests: XCTestCase { +final class Secp256k1Tests: XCTestCase { let payload = "Hello, World!".data(using: .utf8)! func test_generatePrivateKey() throws { - let privateKey = try ECDSA.Es256k.generatePrivateKey() + let privateKey = try Secp256k1.generatePrivateKey() XCTAssertEqual(privateKey.curve, .secp256k1) XCTAssertEqual(privateKey.keyType, .elliptic) @@ -19,8 +19,8 @@ final class ECDSA_Es256kTests: XCTestCase { } func test_computePublicKey() throws { - let privateKey = try ECDSA.Es256k.generatePrivateKey() - let publicKey = try ECDSA.Es256k.computePublicKey(privateKey: privateKey) + let privateKey = try Secp256k1.generatePrivateKey() + let publicKey = try Secp256k1.computePublicKey(privateKey: privateKey) XCTAssertEqual(publicKey.curve, .secp256k1) XCTAssertEqual(publicKey.keyType, .elliptic) @@ -37,48 +37,48 @@ final class ECDSA_Es256kTests: XCTestCase { } func test_privateKey_toAndFromBytes() throws { - let privateKey = try ECDSA.Es256k.generatePrivateKey() - let privateKeyBytes = try ECDSA.Es256k.privateKeyToBytes(privateKey) - let restoredPrivateKey = try ECDSA.Es256k.privateKeyFromBytes(privateKeyBytes) + let privateKey = try Secp256k1.generatePrivateKey() + let privateKeyBytes = try Secp256k1.privateKeyToBytes(privateKey) + let restoredPrivateKey = try Secp256k1.privateKeyFromBytes(privateKeyBytes) XCTAssertNoDifference(privateKey, restoredPrivateKey) } func test_publicKey_toAndFromBytes() throws { - let privateKey = try ECDSA.Es256k.generatePrivateKey() - let publicKey = try ECDSA.Es256k.computePublicKey(privateKey: privateKey) - let publicKeyBytes = try ECDSA.Es256k.publicKeyToBytes(publicKey) - let restoredPublicKey = try ECDSA.Es256k.publicKeyFromBytes(publicKeyBytes) + let privateKey = try Secp256k1.generatePrivateKey() + let publicKey = try Secp256k1.computePublicKey(privateKey: privateKey) + let publicKeyBytes = try Secp256k1.publicKeyToBytes(publicKey) + let restoredPublicKey = try Secp256k1.publicKeyFromBytes(publicKeyBytes) XCTAssertNoDifference(publicKey, restoredPublicKey) } func test_sign() throws { - let privateKey = try ECDSA.Es256k.generatePrivateKey() - let signature = try ECDSA.Es256k.sign(payload: payload, privateKey: privateKey) + let privateKey = try Secp256k1.generatePrivateKey() + let signature = try Secp256k1.sign(payload: payload, privateKey: privateKey) /// Signatures should always be 64 bytes in length XCTAssertEqual(signature.count, 64) } func test_sign_errorsWhenPrivateKeyFromAnotherAlgorithm() throws { - let ed25519PrivateKey = try EdDSA.Ed25519.generatePrivateKey() - XCTAssertThrowsError(try ECDSA.Es256k.sign(payload: payload, privateKey: ed25519PrivateKey)) + let ed25519PrivateKey = try Ed25519.generatePrivateKey() + XCTAssertThrowsError(try Secp256k1.sign(payload: payload, privateKey: ed25519PrivateKey)) } func test_verify() throws { - let privateKey = try ECDSA.Es256k.generatePrivateKey() - let publickey = try ECDSA.Es256k.computePublicKey(privateKey: privateKey) - let signature = try ECDSA.Es256k.sign(payload: payload, privateKey: privateKey) - let isValid = try ECDSA.Es256k.verify(payload: payload, signature: signature, publicKey: publickey) + let privateKey = try Secp256k1.generatePrivateKey() + let publickey = try Secp256k1.computePublicKey(privateKey: privateKey) + let signature = try Secp256k1.sign(payload: payload, privateKey: privateKey) + let isValid = try Secp256k1.verify(payload: payload, signature: signature, publicKey: publickey) XCTAssertTrue(isValid) } func test_verify_invalidWhenPayloadMutated() throws { - let privateKey = try ECDSA.Es256k.generatePrivateKey() - let publickey = try ECDSA.Es256k.computePublicKey(privateKey: privateKey) - let signature = try ECDSA.Es256k.sign(payload: payload, privateKey: privateKey) + let privateKey = try Secp256k1.generatePrivateKey() + let publickey = try Secp256k1.computePublicKey(privateKey: privateKey) + let signature = try Secp256k1.sign(payload: payload, privateKey: privateKey) // Make a copy and flip the least significant bit of the payload var mutatedPayload = payload @@ -86,21 +86,21 @@ final class ECDSA_Es256kTests: XCTestCase { // Verification should return false, as the verified payload does not // match the payload used to generate signature - let isValid = try ECDSA.Es256k.verify(payload: mutatedPayload, signature: signature, publicKey: publickey) + let isValid = try Secp256k1.verify(payload: mutatedPayload, signature: signature, publicKey: publickey) XCTAssertFalse(isValid) } func test_verify_invalidWhenSignatureMutated() throws { - let privateKey = try ECDSA.Es256k.generatePrivateKey() - let publickey = try ECDSA.Es256k.computePublicKey(privateKey: privateKey) - let signature = try ECDSA.Es256k.sign(payload: payload, privateKey: privateKey) + let privateKey = try Secp256k1.generatePrivateKey() + let publickey = try Secp256k1.computePublicKey(privateKey: privateKey) + let signature = try Secp256k1.sign(payload: payload, privateKey: privateKey) // Make a copy and flip the least significant bit of the signature var mutatedSignature = Data(signature) mutatedSignature[0] ^= 1 << 0 // Verification should return false, as the signature for the payload has been mutated - let isValid = try ECDSA.Es256k.verify(payload: payload, signature: mutatedSignature, publicKey: publickey) + let isValid = try Secp256k1.verify(payload: payload, signature: mutatedSignature, publicKey: publickey) XCTAssertFalse(isValid) } }