ruma_signatures/
signatures.rs

1//! Digital signatures and collections of signatures.
2
3use ruma_common::{
4    serde::{base64::Standard, Base64},
5    AnyKeyName, IdParseError, OwnedSigningKeyId, SigningKeyAlgorithm, SigningKeyId,
6};
7
8/// A digital signature.
9#[derive(Clone, Debug, Eq, Hash, PartialEq)]
10pub struct Signature {
11    /// The ID of the key used to generate this signature.
12    pub(crate) key_id: OwnedSigningKeyId<AnyKeyName>,
13
14    /// The signature data.
15    pub(crate) signature: Vec<u8>,
16}
17
18impl Signature {
19    /// Creates a signature from raw bytes.
20    ///
21    /// This constructor will ensure that the key ID has the correct `algorithm:key_name` format.
22    ///
23    /// # Parameters
24    ///
25    /// * `id`: A key identifier, e.g. `ed25519:1`.
26    /// * `bytes`: The digital signature, as a series of bytes.
27    ///
28    /// # Errors
29    ///
30    /// Returns an error if:
31    ///
32    /// * The key ID is malformed.
33    pub fn new(id: &str, bytes: &[u8]) -> Result<Self, IdParseError> {
34        let key_id = SigningKeyId::<AnyKeyName>::parse(id)?;
35
36        Ok(Self { key_id, signature: bytes.to_vec() })
37    }
38
39    /// The algorithm used to generate the signature.
40    pub fn algorithm(&self) -> SigningKeyAlgorithm {
41        self.key_id.algorithm()
42    }
43
44    /// The raw bytes of the signature.
45    pub fn as_bytes(&self) -> &[u8] {
46        self.signature.as_slice()
47    }
48
49    /// A base64 encoding of the signature.
50    ///
51    /// Uses the standard character set with no padding.
52    pub fn base64(&self) -> String {
53        Base64::<Standard, _>::new(self.signature.as_slice()).encode()
54    }
55
56    /// The key identifier, a string containing the signature algorithm and the key "version"
57    /// separated by a colon, e.g. `ed25519:1`.
58    pub fn id(&self) -> String {
59        self.key_id.to_string()
60    }
61
62    /// The "version" of the key used for this signature.
63    ///
64    /// Versions are used as an identifier to distinguish signatures generated from different keys
65    /// but using the same algorithm on the same homeserver.
66    pub fn version(&self) -> &str {
67        self.key_id.key_name().as_ref()
68    }
69}
70
71#[cfg(test)]
72mod tests {
73    use ruma_common::SigningKeyAlgorithm;
74
75    use super::Signature;
76
77    #[test]
78    fn valid_key_id() {
79        let signature = Signature::new("ed25519:abcdef", &[]).unwrap();
80        assert_eq!(signature.algorithm(), SigningKeyAlgorithm::Ed25519);
81        assert_eq!(signature.version(), "abcdef");
82    }
83
84    #[test]
85    fn unknown_key_id_algorithm() {
86        let signature = Signature::new("foobar:abcdef", &[]).unwrap();
87        assert_eq!(signature.algorithm().as_str(), "foobar");
88        assert_eq!(signature.version(), "abcdef");
89    }
90
91    #[test]
92    fn invalid_key_id_format() {
93        Signature::new("ed25519", &[]).unwrap_err();
94    }
95}