1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
package signerverifier
import (
"context"
"crypto"
"crypto/ed25519"
"encoding/hex"
"fmt"
"os"
)
const ED25519KeyType = "ed25519"
// ED25519SignerVerifier is a dsse.SignerVerifier compliant interface to sign
// and verify signatures using ED25519 keys.
type ED25519SignerVerifier struct {
keyID string
private ed25519.PrivateKey
public ed25519.PublicKey
}
// NewED25519SignerVerifierFromSSLibKey creates an Ed25519SignerVerifier from an
// SSLibKey.
func NewED25519SignerVerifierFromSSLibKey(key *SSLibKey) (*ED25519SignerVerifier, error) {
if len(key.KeyVal.Public) == 0 {
return nil, ErrInvalidKey
}
public, err := hex.DecodeString(key.KeyVal.Public)
if err != nil {
return nil, fmt.Errorf("unable to create ED25519 signerverifier: %w", err)
}
var private []byte
if len(key.KeyVal.Private) > 0 {
private, err = hex.DecodeString(key.KeyVal.Private)
if err != nil {
return nil, fmt.Errorf("unable to create ED25519 signerverifier: %w", err)
}
// python-securesystemslib provides an interface to generate ed25519
// keys but it differs slightly in how it serializes the key to disk.
// Specifically, the keyval.private field includes _only_ the private
// portion of the key while libraries such as crypto/ed25519 also expect
// the public portion. So, if the private portion is half of what we
// expect, we append the public portion as well.
if len(private) == ed25519.PrivateKeySize/2 {
private = append(private, public...)
}
}
return &ED25519SignerVerifier{
keyID: key.KeyID,
public: ed25519.PublicKey(public),
private: ed25519.PrivateKey(private),
}, nil
}
// Sign creates a signature for `data`.
func (sv *ED25519SignerVerifier) Sign(ctx context.Context, data []byte) ([]byte, error) {
if len(sv.private) == 0 {
return nil, ErrNotPrivateKey
}
signature := ed25519.Sign(sv.private, data)
return signature, nil
}
// Verify verifies the `sig` value passed in against `data`.
func (sv *ED25519SignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error {
if ok := ed25519.Verify(sv.public, data, sig); ok {
return nil
}
return ErrSignatureVerificationFailed
}
// KeyID returns the identifier of the key used to create the
// ED25519SignerVerifier instance.
func (sv *ED25519SignerVerifier) KeyID() (string, error) {
return sv.keyID, nil
}
// Public returns the public portion of the key used to create the
// ED25519SignerVerifier instance.
func (sv *ED25519SignerVerifier) Public() crypto.PublicKey {
return sv.public
}
// LoadED25519KeyFromFile returns an SSLibKey instance for an ED25519 key stored
// in a file in the custom securesystemslib format.
func LoadED25519KeyFromFile(path string) (*SSLibKey, error) {
contents, err := os.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("unable to load ED25519 key from file: %w", err)
}
return LoadKeyFromSSLibBytes(contents)
}
|