Use base64 encoding for JcsEip191Signature2022 integrity proofs

2022-11-19 12:38:23 +00:00 · 2022-11-19 12:38:23 +00:00 · a46ceeb575
commit a46ceeb575
parent 5974ac8618
5 changed files with 16 additions and 11 deletions
--- a/src/ethereum/identity.rs
+++ b/src/ethereum/identity.rs
@ -14,9 +14,9 @@ pub enum Eip191VerificationError {
 pub fn verify_eip191_signature(
    did: &DidPkh,
    message: &str,
-    signature: &str,
+    signature_hex: &str,
 ) -> Result<(), Eip191VerificationError> {
-    let signature_data = signature.parse()?;
+    let signature_data = signature_hex.parse()?;
    let signer = recover_address(message.as_bytes(), &signature_data)?;
    if address_to_string(signer) != did.address.to_lowercase() {
        return Err(Eip191VerificationError::InvalidSigner);
@ -28,9 +28,9 @@ pub fn verify_eip191_signature(
 pub fn verify_eip191_identity_proof(
    did: &DidPkh,
    message: &str,
-    signature: &str,
+    signature_hex: &str,
 ) -> Result<(), Eip191VerificationError> {
-    verify_eip191_signature(did, message, signature)
+    verify_eip191_signature(did, message, signature_hex)
 }

 #[cfg(test)]
--- a/src/ethereum/signatures.rs
+++ b/src/ethereum/signatures.rs
@ -62,9 +62,9 @@ impl ToString for SignatureData {
 impl FromStr for SignatureData {
    type Err = SignatureError;

-    fn from_str(value: &str) -> Result<Self, Self::Err> {
+    fn from_str(value_hex: &str) -> Result<Self, Self::Err> {
        let mut bytes = [0u8; 65];
-        hex::decode_to_slice(value, &mut bytes)
+        hex::decode_to_slice(value_hex, &mut bytes)
            .map_err(|_| Self::Err::InvalidSignature)?;
        let v = bytes[64].into();
        let r = bytes[0..32].try_into()
--- a/src/json_signatures/create.rs
+++ b/src/json_signatures/create.rs
@ -50,14 +50,14 @@ impl IntegrityProof {

    pub fn jcs_eip191(
        signer: &DidPkh,
-        signature: &str,
+        signature: &[u8],
    ) -> Self {
        Self {
            proof_type: PROOF_TYPE_JCS_EIP191.to_string(),
            proof_purpose: PROOF_PURPOSE.to_string(),
            verification_method: signer.to_string(),
            created: Utc::now(),
-            proof_value: signature.to_string(),
+            proof_value: base64::encode(signature),
        }
    }

--- a/src/json_signatures/verify.rs
+++ b/src/json_signatures/verify.rs
@ -120,7 +120,9 @@ pub fn verify_eip191_json_signature(
    message: &str,
    signature: &str,
 ) -> Result<(), VerificationError> {
-    verify_eip191_signature(signer, message, signature)
+    let signature_bin = base64::decode(signature)?;
+    let signature_hex = hex::encode(&signature_bin);
+    verify_eip191_signature(signer, message, &signature_hex)
        .map_err(|_| VerificationError::InvalidSignature)
 }

--- a/src/mastodon_api/accounts/views.rs
+++ b/src/mastodon_api/accounts/views.rs
@ -298,9 +298,12 @@ async fn send_signed_update(
            IntegrityProof::jcs_minisign(&signer, &data.signature)
        },
        Did::Pkh(signer) => {
-            verify_eip191_json_signature(&signer, &canonical_json, &data.signature)
+            let signature_bin = hex::decode(&data.signature)
+                .map_err(|_| ValidationError("invalid encoding"))?;
+            let signature_b64 = base64::encode(&signature_bin);
+            verify_eip191_json_signature(&signer, &canonical_json, &signature_b64)
                .map_err(|_| ValidationError("invalid signature"))?;
-            IntegrityProof::jcs_eip191(&signer, &data.signature)
+            IntegrityProof::jcs_eip191(&signer, &signature_bin)
        },
    };
    let mut activity_value = serde_json::to_value(activity)