feat: add secp256k1 support (#3)

Adds a secp256k1 signer and verifier as well as varsig support.

Author: alanshaw

did/did.go

@@ -18,6 +18,7 @@ const KeyPrefix = Prefix + "key:"
 const DIDCore = 0x0d1d
 const Ed25519 = 0xed
 const RSA = 0x1205
+const Secp256k1 = 0xe7
 
 var MethodOffset = varint.UvarintSize(uint64(DIDCore))
 

go.mod

@@ -11,22 +11,27 @@ require (
 	github.com/multiformats/go-multibase v0.2.0
 	github.com/multiformats/go-multihash v0.2.3
 	github.com/multiformats/go-varint v0.0.7
-	github.com/stretchr/testify v1.10.0
+	github.com/stretchr/testify v1.11.1
 	github.com/whyrusleeping/cbor-gen v0.3.1
+	gitlab.com/yawning/secp256k1-voi v0.0.0-20230925100816-f2616030848b
 	golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
 )
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
 	github.com/minio/sha256-simd v1.0.0 // indirect
 	github.com/mr-tron/base58 v1.2.0 // indirect
 	github.com/multiformats/go-base32 v0.0.3 // indirect
 	github.com/multiformats/go-base36 v0.1.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/rogpeppe/go-internal v1.14.1 // indirect
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
-	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/sys v0.28.0 // indirect
+	gitlab.com/yawning/tuplehash v0.0.0-20230713102510-df83abbf9a02 // indirect
+	golang.org/x/crypto v0.44.0 // indirect
+	golang.org/x/sys v0.40.0 // indirect
+	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	lukechampine.com/blake3 v1.1.6 // indirect
 	pitr.ca/jsontokenizer v0.3.0 // indirect

go.sum

@@ -1,5 +1,6 @@
 github.com/alanshaw/dag-json-gen v0.0.4 h1:qoryz04TVH6zu16NRFnzgolzQGaPfTvoIawv/F5rDoY=
 github.com/alanshaw/dag-json-gen v0.0.4/go.mod h1:rXxWw0SItP9QjxpRMpkju66h0KumF7TPCtvHdOKS5lY=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
@@ -9,6 +10,13 @@ github.com/ipfs/go-cid v0.5.0/go.mod h1:0L7vmeNXpQpUS9vt+yEARkJ8rOg43DF3iPgn4GIN
 github.com/klauspost/cpuid/v2 v2.0.4/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.0.9 h1:lgaqFMSdTdQYdZ04uHyN2d/eKdOMyi2YLSvlQIBFYa4=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/matryer/is v1.4.0 h1:sosSmIWwkYITGrxZ25ULNDeKiMNzFSr4V/eqBQP0PeE=
 github.com/matryer/is v1.4.0/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU=
 github.com/minio/sha256-simd v1.0.0 h1:v1ta+49hkWZyvaKwrQB8elexRqm6Y0aMLjCNsrYxo6g=
@@ -25,22 +33,31 @@ github.com/multiformats/go-multihash v0.2.3 h1:7Lyc8XfX/IY2jWb/gI7JP+o7JEq9hOa7B
 github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM=
 github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8=
 github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
+github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
+github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
 github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
 github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
-github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
-github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
 github.com/whyrusleeping/cbor-gen v0.3.1 h1:82ioxmhEYut7LBVGhGq8xoRkXPLElVuh5mV67AFfdv0=
 github.com/whyrusleeping/cbor-gen v0.3.1/go.mod h1:pM99HXyEbSQHcosHc0iW7YFmwnscr+t9Te4ibko05so=
-golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
-golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
-golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+gitlab.com/yawning/secp256k1-voi v0.0.0-20230925100816-f2616030848b h1:CzigHMRySiX3drau9C6Q5CAbNIApmLdat5jPMqChvDA=
+gitlab.com/yawning/secp256k1-voi v0.0.0-20230925100816-f2616030848b/go.mod h1:/y/V339mxv2sZmYYR64O07VuCpdNZqCTwO8ZcouTMI8=
+gitlab.com/yawning/tuplehash v0.0.0-20230713102510-df83abbf9a02 h1:qwDnMxjkyLmAFgcfgTnfJrmYKWhHnci3GjDqcZp1M3Q=
+gitlab.com/yawning/tuplehash v0.0.0-20230713102510-df83abbf9a02/go.mod h1:JTnUj0mpYiAsuZLmKjTx/ex3AtMowcCgnE7YNyCEP0I=
+golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU=
+golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc=
+golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
+golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 lukechampine.com/blake3 v1.1.6 h1:H3cROdztr7RCfoaTpGZFQsrqvweFLrqS73j7L7cmR5c=

principal/ed25519/signer.go

@@ -8,13 +8,14 @@ import (
 	"github.com/alanshaw/ucantone/did"
 	"github.com/alanshaw/ucantone/principal"
 	"github.com/alanshaw/ucantone/principal/ed25519/verifier"
+	"github.com/alanshaw/ucantone/varsig"
 	"github.com/multiformats/go-multibase"
 	"github.com/multiformats/go-varint"
 )
 
 const Code = 0x1300
 
-const SignatureCode = verifier.SignatureCode
+var SignatureAlgorithm = verifier.SignatureAlgorithm
 
 var tagSize = varint.UvarintSize(Code)
 
@@ -86,8 +87,8 @@ func (s Signer) Code() uint64 {
 	return Code
 }
 
-func (s Signer) SignatureCode() uint64 {
-	return SignatureCode
+func (s Signer) SignatureAlgorithm() varsig.SignatureAlgorithm {
+	return SignatureAlgorithm
 }
 
 func (s Signer) Verifier() principal.Verifier {

principal/ed25519/verifier/verifier.go

@@ -9,13 +9,14 @@ import (
 	"github.com/alanshaw/ucantone/did"
 	"github.com/alanshaw/ucantone/principal"
 	"github.com/alanshaw/ucantone/principal/multiformat"
-	vsed "github.com/alanshaw/ucantone/varsig/algorithm/ed25519"
+	varsig_ed25519 "github.com/alanshaw/ucantone/varsig/algorithm/ed25519"
 	"github.com/multiformats/go-multibase"
 	"github.com/multiformats/go-varint"
 )
 
 const Code = 0xed
-const SignatureCode = vsed.Code
+
+var SignatureAlgorithm = varsig_ed25519.New()
 
 var publicTagSize = varint.UvarintSize(Code)
 

principal/secp256k1/signer.go

@@ -0,0 +1,130 @@
+package secp256k1
+
+import (
+	"crypto"
+	"crypto/sha256"
+	"fmt"
+
+	"github.com/alanshaw/ucantone/did"
+	"github.com/alanshaw/ucantone/principal"
+	"github.com/alanshaw/ucantone/principal/secp256k1/verifier"
+	"github.com/alanshaw/ucantone/varsig"
+	"github.com/multiformats/go-multibase"
+	"github.com/multiformats/go-varint"
+	"gitlab.com/yawning/secp256k1-voi/secec"
+)
+
+const Code = 0x1301
+
+var SignatureAlgorithm = verifier.SignatureAlgorithm
+
+var tagSize = varint.UvarintSize(Code)
+
+const keySize = 32
+
+var size = tagSize + keySize
+
+func Generate() (Signer, error) {
+	sk, err := secec.GenerateKey()
+	if err != nil {
+		return nil, fmt.Errorf("generating secp256k1 key: %w", err)
+	}
+	s := make(Signer, size)
+	varint.PutUvarint(s, Code)
+	copy(s[tagSize:], sk.Bytes())
+	return s, nil
+}
+
+// Parse parses a multibase encoded string containing a secp256k1 signer
+// multiformat varint (0x1301) +  byte secp256k1 raw scalar value.
+func Parse(str string) (Signer, error) {
+	_, bytes, err := multibase.Decode(str)
+	if err != nil {
+		return nil, fmt.Errorf("decoding multibase string: %w", err)
+	}
+	return Decode(bytes)
+}
+
+// Decode decodes a buffer of a secp256k1 signer multiformat varint (0x1301) +
+// 32 byte secp256k1 raw scalar value.
+func Decode(b []byte) (Signer, error) {
+	if len(b) != size {
+		return nil, fmt.Errorf("invalid length: %d wanted: %d", len(b), size)
+	}
+	skc, _, err := varint.FromUvarint(b)
+	if err != nil {
+		return nil, fmt.Errorf("reading private key uvarint: %w", err)
+	}
+	if skc != Code {
+		return nil, fmt.Errorf("invalid private key codec: 0x%02x, expected: 0x%02x", skc, Code)
+	}
+	_, err = secec.NewPrivateKey(b[tagSize:])
+	if err != nil {
+		return nil, fmt.Errorf("creating private key: %w", err)
+	}
+	s := make(Signer, size)
+	copy(s, b)
+	return s, nil
+}
+
+// FromRaw takes raw 32 byte scalar value and tags with the secp256k1
+// signer multiformat code, returning a secp256k1 signer.
+func FromRaw(b []byte) (Signer, error) {
+	if len(b) != keySize {
+		return nil, fmt.Errorf("invalid length: %d wanted: %d", len(b), keySize)
+	}
+	s := make(Signer, size)
+	varint.PutUvarint(s, Code)
+	copy(s[tagSize:], b)
+	return s, nil
+}
+
+type Signer []byte
+
+var _ principal.Signer = (Signer)(nil)
+
+func (s Signer) Code() uint64 {
+	return Code
+}
+
+func (s Signer) SignatureAlgorithm() varsig.SignatureAlgorithm {
+	return SignatureAlgorithm
+}
+
+func (s Signer) Verifier() principal.Verifier {
+	sk, _ := secec.NewPrivateKey(s[tagSize:])
+	v, _ := verifier.FromRaw(sk.PublicKey().CompressedBytes())
+	return v
+}
+
+func (s Signer) DID() did.DID {
+	return s.Verifier().DID()
+}
+
+// Bytes returns the private key bytes with multiformat prefix varint.
+func (s Signer) Bytes() []byte {
+	return s
+}
+
+// Raw encodes the bytes of the private key without multiformats tags.
+func (s Signer) Raw() []byte {
+	pk := make([]byte, keySize)
+	copy(pk, s[tagSize:size])
+	return pk
+}
+
+func (s Signer) Sign(msg []byte) []byte {
+	sk, _ := secec.NewPrivateKey(s[tagSize:])
+	hash := sha256.New()
+	hash.Write(msg)
+	sig, _ := sk.Sign(
+		secec.RFC6979SHA256(), // for deterministic signatures, per RFC6979
+		hash.Sum(nil),
+		&secec.ECDSAOptions{
+			Encoding:   secec.EncodingCompact,
+			Hash:       crypto.SHA256,
+			SelfVerify: false,
+		},
+	)
+	return sig
+}

principal/secp256k1/signer_test.go

@@ -0,0 +1,96 @@
+package secp256k1_test
+
+import (
+	"crypto"
+	"crypto/sha256"
+	"testing"
+
+	secp256k1 "github.com/alanshaw/ucantone/principal/secp256k1"
+	"github.com/alanshaw/ucantone/principal/signer"
+	"github.com/stretchr/testify/require"
+	"gitlab.com/yawning/secp256k1-voi/secec"
+)
+
+func TestGenerateEncodeDecode(t *testing.T) {
+	s0, err := secp256k1.Generate()
+	require.NoError(t, err)
+
+	t.Log(s0.DID().String())
+
+	s1, err := secp256k1.Decode(s0.Bytes())
+	require.NoError(t, err)
+
+	t.Log(s1.DID().String())
+	require.Equal(t, s0.DID(), s1.DID(), "public key mismatch")
+}
+
+func TestGenerateFormatParse(t *testing.T) {
+	s0, err := secp256k1.Generate()
+	require.NoError(t, err)
+
+	t.Log(s0.DID().String())
+
+	str := signer.Format(s0)
+	t.Log(str)
+
+	s1, err := secp256k1.Parse(str)
+	require.NoError(t, err)
+
+	t.Log(s1.DID().String())
+	require.Equal(t, s0.DID(), s1.DID(), "public key mismatch")
+}
+
+func TestVerify(t *testing.T) {
+	s, err := secp256k1.Generate()
+	require.NoError(t, err)
+
+	msg := []byte("testy")
+	sig := s.Sign(msg)
+
+	res := s.Verifier().Verify(msg, sig)
+	require.True(t, res)
+}
+
+func TestSignerRaw(t *testing.T) {
+	s, err := secp256k1.Generate()
+	require.NoError(t, err)
+
+	msg := []byte{1, 2, 3}
+	hash := sha256.New()
+	hash.Write(msg)
+	raw := s.Raw()
+
+	sk, err := secec.NewPrivateKey(raw)
+	require.NoError(t, err)
+
+	sig, err := sk.Sign(
+		secec.RFC6979SHA256(),
+		hash.Sum(nil),
+		&secec.ECDSAOptions{
+			Encoding:   secec.EncodingCompact,
+			SelfVerify: false,
+			Hash:       crypto.SHA256,
+		},
+	)
+	require.NoError(t, err)
+
+	require.Equal(t, s.Sign(msg), sig)
+}
+
+func TestFromRaw(t *testing.T) {
+	t.Run("round trip", func(t *testing.T) {
+		priv, err := secec.GenerateKey()
+		require.NoError(t, err)
+
+		s, err := secp256k1.FromRaw(priv.Bytes())
+		require.NoError(t, err)
+
+		require.Equal(t, priv.Bytes(), s.Raw())
+	})
+
+	t.Run("invalid length", func(t *testing.T) {
+		_, err := secp256k1.FromRaw([]byte{})
+		require.Error(t, err)
+		require.ErrorContains(t, err, "invalid length")
+	})
+}