Skip to content
This repository has been archived by the owner on Nov 15, 2023. It is now read-only.

Add ecdsa::Pair::verify_prehashed() #8996

Merged
4 commits merged into from
Jun 3, 2021
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
61 changes: 61 additions & 0 deletions primitives/core/src/ecdsa.rs
Original file line number Diff line number Diff line change
Expand Up @@ -354,6 +354,18 @@ impl Signature {
.ok()
.map(|recovered| Public(recovered.serialize_compressed()))
}

/// Recover the public key from this signature and a pre-hashed message.
#[cfg(feature = "full_crypto")]
pub fn recover_prehashed(&self, message: &[u8; 32]) -> Option<Public> {
let message = secp256k1::Message::parse(message);

let sig: (_, _) = self.try_into().ok()?;

secp256k1::recover(&message, &sig.0, &sig.1)
.ok()
.map(|key| Public(key.serialize_compressed()))
}
}

#[cfg(feature = "full_crypto")]
Expand Down Expand Up @@ -537,6 +549,22 @@ impl Pair {
let message = secp256k1::Message::parse(message);
secp256k1::sign(&message, &self.secret).into()
}

/// Verify a signature on a pre-hashed message. Return `true` if the signature is valid
adoerr marked this conversation as resolved.
Show resolved Hide resolved
/// and thus matches the given `public` key.
pub fn verify_prehashed(sig: &Signature, message: &[u8; 32], public: &Public) -> bool {
let message = secp256k1::Message::parse(message);

let sig: (_, _) = match sig.try_into() {
Ok(x) => x,
_ => return false,
};

match secp256k1::recover(&message, &sig.0, &sig.1) {
Ok(actual) => public.0[..] == actual.serialize_compressed()[..],
_ => false,
}
}
}

impl CryptoType for Public {
Expand Down Expand Up @@ -791,4 +819,37 @@ mod test {

assert_eq!(sig1, sig2);
}

#[test]
fn verify_prehashed_works() {
let (pair, _, _) = Pair::generate_with_phrase(Some("password"));

// `msg` and `sig` match
let msg = keccak_256(b"this should be hashed");
let sig = pair.sign_prehashed(&msg);
assert!(Pair::verify_prehashed(&sig, &msg, &pair.public()));

// `msg` and `sig` don't match
let msg = keccak_256(b"this is a different message");
assert!(!Pair::verify_prehashed(&sig, &msg, &pair.public()));
}

#[test]
fn recover_prehashed_works() {
let (pair, _, _) = Pair::generate_with_phrase(Some("password"));

// recovered key matches signing key
let msg = keccak_256(b"this should be hashed");
let sig = pair.sign_prehashed(&msg);
let key = sig.recover_prehashed(&msg).unwrap();
assert_eq!(pair.public(), key);

// recovered key is useable
assert!(Pair::verify_prehashed(&sig, &msg, &key));

// recovered key and signing key don't match
let msg = keccak_256(b"this is a different message");
let key = sig.recover_prehashed(&msg).unwrap();
assert_ne!(pair.public(), key);
}
}