Add decorated signature methods for signed payloads

keypair/from_address.go

@@ -75,6 +75,10 @@ func (kp *FromAddress) SignDecorated(input []byte) (xdr.DecoratedSignature, erro
  return xdr.DecoratedSignature{}, ErrCannotSign
 }
 
+func (kp *FromAddress) SignDecoratedPayload(input []byte) (xdr.DecoratedSignature, error) {
+ return xdr.DecoratedSignature{}, ErrCannotSign
+}
+
 func (kp *FromAddress) Equal(a *FromAddress) bool {
  if kp == nil && a == nil {
  return true

keypair/full.go

@@ -109,10 +109,18 @@ func (kp *Full) SignDecorated(input []byte) (xdr.DecoratedSignature, error) {
  return xdr.DecoratedSignature{}, err
  }
 
- return xdr.DecoratedSignature{
- Hint: xdr.SignatureHint(kp.Hint()),
- Signature: xdr.Signature(sig),
- }, nil
+ return xdr.NewDecoratedSignature(sig, kp.Hint()), nil
+}
+
+// SignDecoratedPayload returns a decorated signature using this key's hint and
+// the last four bytes of both the input and the signature on that input.
+func (kp *Full) SignDecoratedPayload(input []byte) (xdr.DecoratedSignature, error) {
+ sig, err := kp.Sign(input)
+ if err != nil {
+ return xdr.DecoratedSignature{}, err
+ }
+
+ return xdr.NewDecoratedSignatureForPayload(sig, kp.Hint(), input), nil
 }
 
 func (kp *Full) Equal(f *Full) bool {

keypair/full_test.go

@@ -106,4 +106,12 @@ var _ = Describe("keypair.Full", func() {
  })
  })
 
+ Describe("SignDecoratedForPayload()", func() {
+ It("returns the correct xdr struct", func() {
+ sig, err := subject.SignDecoratedPayload(message)
+ Expect(err).To(BeNil())
+ Expect(sig.Hint).To(BeEquivalentTo(payloadHint))
+ Expect(sig.Signature).To(BeEquivalentTo(signature))
+ })
+ })
 })

keypair/main.go

@@ -40,6 +40,7 @@ type KP interface {
  Sign(input []byte) ([]byte, error)
  SignBase64(input []byte) (string, error)
  SignDecorated(input []byte) (xdr.DecoratedSignature, error)
+ SignDecoratedPayload(input []byte) (xdr.DecoratedSignature, error)
 }
 
 // Random creates a random full keypair

keypair/main_test.go

@@ -19,12 +19,13 @@ func TestBuild(t *testing.T) {
 }
 
 var (
- address = "GBRPYHIL2CI3FNQ4BXLFMNDLFJUNPU2HY3ZMFSHONUCEOASW7QC7OX2H"
- seed = "SDHOAMBNLGCE2MV5ZKIVZAQD3VCLGP53P3OBSBI6UN5L5XZI5TKHFQL4"
- hint = [4]byte{0x56, 0xfc, 0x05, 0xf7}
- message = []byte("hello")
- signature = []byte{
- 0x2E, 0x75, 0xcc, 0x20, 0xd5, 0x19, 0x11, 0x1c, 0xaa, 0xaa, 0xdd, 0xdf,
+ address = "GBRPYHIL2CI3FNQ4BXLFMNDLFJUNPU2HY3ZMFSHONUCEOASW7QC7OX2H"
+ seed = "SDHOAMBNLGCE2MV5ZKIVZAQD3VCLGP53P3OBSBI6UN5L5XZI5TKHFQL4"
+ hint = [4]byte{0x56, 0xfc, 0x05, 0xf7}
+ payloadHint = [4]byte{0x33, 0x90, 0x69, 0x98}
+ message = []byte("hello")
+ signature = []byte{
+ 0x2e, 0x75, 0xcc, 0x20, 0xd5, 0x19, 0x11, 0x1c, 0xaa, 0xaa, 0xdd, 0xdf,
  0x46, 0x4b, 0xb6, 0x50, 0xd2, 0xea, 0xf0, 0xa5, 0xd1, 0x8d, 0x74, 0x56,
  0x93, 0xa1, 0x61, 0x00, 0xf2, 0xa4, 0x93, 0x7b, 0xc1, 0xdf, 0xfa, 0x8b,
  0x0b, 0x1f, 0x61, 0xa2, 0x76, 0x99, 0x6d, 0x7e, 0xe8, 0xde, 0xb2, 0xd0,

xdr/decorated_signature.go

@@ -0,0 +1,44 @@
+package xdr
+
+// NewDecoratedSignature constructs a decorated signature structure directly
+// from the given signature and key hint. Note that the key hint should
+// correspond to the key that created the signature, but this helper cannot
+// ensure that.
+func NewDecoratedSignature(sig []byte, keyHint [4]byte) DecoratedSignature {
+ return DecoratedSignature{
+ Hint: SignatureHint(keyHint),
+ Signature: Signature(sig),
+ }
+}
+
+// NewDecoratedSignatureForPayload creates a decorated signature with a hint
+// that uses the key hint, the last four bytes of signature, and the last four
+// bytes of the input that got signed. Note that the signature should be the
+// signature of the payload via the key being hinted, but this construction
+// method cannot ensure that.
+func NewDecoratedSignatureForPayload(
+ sig []byte, keyHint [4]byte, payload []byte,
+) DecoratedSignature {
+ hint := [4]byte{}
+ j := iMax(0, len(payload)-4)
+
+ for i := 0; i < len(keyHint); i++ {
+ hint[i] = keyHint[i]
+ if j < len(payload) {
+ hint[i] ^= payload[j]
+ j++
+ }
+ }
+
+ return DecoratedSignature{
+ Hint: SignatureHint(hint),
+ Signature: Signature(sig),
+ }
+}
+
+func iMax(a, b int) int {
+ if a > b {
+ return a
+ }
+ return b
+}

xdr/decorated_signature_test.go

@@ -0,0 +1,41 @@
+package xdr_test
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/stellar/go/xdr"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestDecoratedSignatures(t *testing.T) {
+ signature := []byte{0, 1, 2, 3, 4, 5, 6, 7, 8}
+ keyHint := [4]byte{9, 10, 11, 12}
+
+ testCases := []struct {
+ payload []byte
+ expectedHint [4]byte
+ }{
+ {
+ payload: []byte{13, 14, 15, 16, 17, 18, 19, 20, 21},
+ expectedHint: [4]byte{27, 25, 31, 25},
+ },
+ {
+ payload: []byte{18, 19, 20},
+ expectedHint: [4]byte{27, 25, 31, 12},
+ },
+ }
+
+ for _, testCase := range testCases {
+ t.Run(fmt.Sprintf("%d-byte", len(testCase.payload)), func(t *testing.T) {
+ decoSig := xdr.NewDecoratedSignature(signature, keyHint)
+ assert.EqualValues(t, keyHint, decoSig.Hint)
+ assert.EqualValues(t, signature, decoSig.Signature)
+
+ decoSig = xdr.NewDecoratedSignatureForPayload(
+ signature, keyHint, testCase.payload)
+ assert.EqualValues(t, testCase.expectedHint, decoSig.Hint)
+ assert.EqualValues(t, signature, decoSig.Signature)
+ })
+ }
+}

xdr/signer_key_test.go

@@ -55,7 +55,6 @@ func TestSignerKey_SetAddress(t *testing.T) {
  Name string
  Address string
  }{
-
  {
  Name: "AccountID",
  Address: "GA3D5KRYM6CB7OWQ6TWYRR3Z4T7GNZLKERYNZGGA5SOAOPIFY6YQHES5",
@@ -69,8 +68,8 @@ func TestSignerKey_SetAddress(t *testing.T) {
  Address: "XBU2RRGLXH3E5CQHTD3ODLDF2BWDCYUSSBLLZ5GNW7JXHDIYKXZWGTOG",
  },
  {
- "SignedPayload",
- "PA7QYNF7SOWQ3GLR2BGMZEHXAVIRZA4KVWLTJJFC7MGXUA74P7UJUAAAAAOQCAQDAQCQMBYIBEFAWDANBYHRAEISCMKBKFQXDAMRUGY4DUAAAAFGBU",
+ Name: "SignedPayload",
+ Address: "PA7QYNF7SOWQ3GLR2BGMZEHXAVIRZA4KVWLTJJFC7MGXUA74P7UJUAAAAAOQCAQDAQCQMBYIBEFAWDANBYHRAEISCMKBKFQXDAMRUGY4DUAAAAFGBU",
  },
  }