Merge pull request #1755 from waku-org/feat/validate-signature

2023-12-12 12:05:11 +11:00 · 2023-12-12 12:05:11 +11:00 · 8ad470fa89
parent 411b76059c 853ac7464d
commit 8ad470fa89
5 changed files with 43 additions and 5 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -26179,7 +26179,8 @@
        "@waku/proto": "0.0.5",
        "@waku/utils": "0.0.13",
        "debug": "^4.3.4",
-        "js-sha3": "^0.9.2"
+        "js-sha3": "^0.9.2",
+        "uint8arrays": "^5.0.0"
      },
      "devDependencies": {
        "@rollup/plugin-commonjs": "^25.0.7",
@ -26200,6 +26201,14 @@
        "node": ">=18"
      }
    },
+    "packages/message-encryption/node_modules/uint8arrays": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-5.0.0.tgz",
+      "integrity": "sha512-RWO7gR4x6syxnKDfZO8mDCsaaYs1/BqZCxlHgrcRge50E9GTnLmtoA4kwFSGIL4s3dQkryeTkvtG6oEFEya3yg==",
+      "dependencies": {
+        "multiformats": "^12.0.1"
+      }
+    },
    "packages/message-hash": {
      "name": "@waku/message-hash",
      "version": "0.1.9",
@ -29529,7 +29538,18 @@
        "mocha": "^10.2.0",
        "npm-run-all": "^4.1.5",
        "process": "^0.11.10",
-        "rollup": "^4.6.0"
+        "rollup": "^4.6.0",
+        "uint8arrays": "^5.0.0"
+      },
+      "dependencies": {
+        "uint8arrays": {
+          "version": "5.0.0",
+          "resolved": "https://registry.npmjs.org/uint8arrays/-/uint8arrays-5.0.0.tgz",
+          "integrity": "sha512-RWO7gR4x6syxnKDfZO8mDCsaaYs1/BqZCxlHgrcRge50E9GTnLmtoA4kwFSGIL4s3dQkryeTkvtG6oEFEya3yg==",
+          "requires": {
+            "multiformats": "^12.0.1"
+          }
+        }
      }
    },
    "@waku/message-hash": {
--- a/packages/message-encryption/package.json
+++ b/packages/message-encryption/package.json
@ -81,7 +81,8 @@
    "@waku/proto": "0.0.5",
    "@waku/utils": "0.0.13",
    "debug": "^4.3.4",
-    "js-sha3": "^0.9.2"
+    "js-sha3": "^0.9.2",
+    "uint8arrays": "^5.0.0"
  },
  "devDependencies": {
    "@rollup/plugin-commonjs": "^25.0.7",
--- a/packages/message-encryption/src/decoded_message.ts
+++ b/packages/message-encryption/src/decoded_message.ts
@ -3,6 +3,7 @@ import {
  proto
 } from "@waku/core/lib/message/version_0";
 import type { IDecodedMessage } from "@waku/interfaces";
+import { equals } from "uint8arrays/equals";

 export class DecodedMessage
  extends DecodedMessageV0
@ -24,4 +25,16 @@ export class DecodedMessage
  get payload(): Uint8Array {
    return this._decodedPayload;
  }
+
+  /**
+   * Verify the message's signature against the public key.
+   *
+   * @returns true if the signature matches the public key, false if not or if no signature is present.
+   */
+  verifySignature(publicKey: Uint8Array): boolean {
+    if (this.signaturePublicKey) {
+      return equals(this.signaturePublicKey, publicKey);
+    }
+    return false;
+  }
 }
--- a/packages/message-encryption/src/ecies.spec.ts
+++ b/packages/message-encryption/src/ecies.spec.ts
@ -34,14 +34,15 @@ describe("Ecies Encryption", function () {
          expect(result.version).to.equal(1);
          expect(result?.payload).to.deep.equal(payload);
          expect(result.signature).to.be.undefined;
+          expect(result.verifySignature(new Uint8Array())).to.be.false;
          expect(result.signaturePublicKey).to.be.undefined;
        }
      )
    );
  });

-  it("R trip binary encryption [ecies, signature]", async function () {
-    this.timeout(4000);
+  it("Round trip binary encryption [ecies, signature]", async function () {
+    this.timeout(6000);

    await fc.assert(
      fc.asyncProperty(
@ -78,6 +79,7 @@ describe("Ecies Encryption", function () {
          expect(result.version).to.equal(1);
          expect(result?.payload).to.deep.equal(payload);
          expect(result.signature).to.not.be.undefined;
+          expect(result.verifySignature(alicePublicKey)).to.be.true;
          expect(result.signaturePublicKey).to.deep.eq(alicePublicKey);
        }
      )
--- a/packages/message-encryption/src/symmetric.spec.ts
+++ b/packages/message-encryption/src/symmetric.spec.ts
@ -31,6 +31,7 @@ describe("Symmetric Encryption", function () {
          expect(result.version).to.equal(1);
          expect(result?.payload).to.deep.equal(payload);
          expect(result.signature).to.be.undefined;
+          expect(result.verifySignature(new Uint8Array())).to.be.false;
          expect(result.signaturePublicKey).to.be.undefined;
        }
      )
@ -66,6 +67,7 @@ describe("Symmetric Encryption", function () {
          expect(result.version).to.equal(1);
          expect(result?.payload).to.deep.equal(payload);
          expect(result.signature).to.not.be.undefined;
+          expect(result.verifySignature(sigPubKey)).to.be.true;
          expect(result.signaturePublicKey).to.deep.eq(sigPubKey);
        }
      )