Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add support for ecdsa signatures #108

Open
wants to merge 31 commits into
base: v5
Choose a base branch
from
Open

add support for ecdsa signatures #108

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
31 commits
Select commit Hold shift + click to select a range
ca5e60a
add a signature type
Geal Oct 11, 2022
863c723
helper methods
Geal Oct 11, 2022
b242be8
indicate the algorithm of the next private key
Geal Oct 11, 2022
92da6e8
cleanup
Geal Oct 11, 2022
13581cf
start the boilerplate around managing multiple types of keys
Geal Oct 11, 2022
be9e6a4
start support for p256 signatures
Geal Oct 11, 2022
d0113b3
p256 support
Geal Oct 14, 2022
36e7362
Merge branch 'master' into fipscuit
Geal Nov 5, 2022
ba0f80e
Merge branch 'main' into fipscuit
Geal Aug 24, 2023
ad56ade
reintroduce ed25519-dalek 2.0
Geal Aug 24, 2023
d0f335f
Merge branch 'main' into fipscuit
Geal Sep 1, 2023
b52b929
Merge branch 'main' into fipscuit
Geal Mar 26, 2024
60514db
fix testcases
Geal Mar 26, 2024
92f88f8
move impl
Geal Mar 26, 2024
9a8cd39
PEM support
Geal Mar 26, 2024
daa0bfd
Merge branch 'main' into fipscuit
Geal May 18, 2024
2985990
wip
Geal May 22, 2024
410340e
Merge branch 'v5' into fipscuit
Geal May 23, 2024
27da40e
update protobuf enum
Geal May 23, 2024
93c2aae
update serialization formats
Geal May 23, 2024
f104b65
remove unuse code
Geal May 23, 2024
047ded5
add samples
Geal May 23, 2024
3bd1d04
parsing and printing
Geal May 23, 2024
d9d68bc
Merge branch 'v5' into fipscuit
Geal May 23, 2024
5aeb701
fix sample file name
Geal May 23, 2024
0c97e37
Merge branch 'v5' into fipscuit
Geal May 25, 2024
ce02b60
specify the algorithm when creating a KeyPair
Geal May 25, 2024
8108420
capi fixes
Geal May 25, 2024
c7378ce
Merge branch 'v5' into fipscuit
Geal May 26, 2024
c88fff0
fix samples build
Geal May 26, 2024
346d4de
make the algorithm Copy
Geal Jun 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions biscuit-auth/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ prost-types = "0.10"
regex = { version = "1.5", default-features = false, features = ["std"] }
nom = {version = "7", default-features = false, features = ["std"] }
hex = "0.4"
zeroize = { version = "1", default-features = false }
zeroize = { version = "1.5", default-features = false }
thiserror = "1"
rand = { version = "0.8" }
inline-c = { version = "0.1", optional = true }
Expand All @@ -49,7 +49,10 @@ uuid = { version = "1", optional = true }
biscuit-parser = { version = "0.1.2", path = "../biscuit-parser" }
biscuit-quote = { version = "0.2.2", optional = true, path = "../biscuit-quote" }
chrono = { version = "0.4.26", optional = true, default-features = false, features = ["serde"] }

ecdsa = { version = "0.16.9", features = ["signing", "verifying", "pem", "alloc", "pkcs8", "serde"] }
p256 = "0.11.1"
pkcs8 = "0.9.0"
elliptic-curve = { version = "0.13.8", features = ["pkcs8"] }

[dev-dependencies]
bencher = "0.1.5"
Expand Down
70 changes: 35 additions & 35 deletions biscuit-auth/benches/token.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ use rand::rngs::OsRng;

fn create_block_1(b: &mut Bencher) {
let mut rng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let mut builder = Biscuit::builder();
builder.add_fact(fact("right", &[string("file1"), string("read")]));
Expand Down Expand Up @@ -40,8 +40,8 @@ fn create_block_1(b: &mut Bencher) {

fn append_block_2(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let mut builder = Biscuit::builder();
builder.add_fact(fact("right", &[string("file1"), string("read")]));
Expand Down Expand Up @@ -75,11 +75,11 @@ fn append_block_2(b: &mut Bencher) {

fn append_block_5(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let keypair3 = KeyPair::new_with_rng(&mut rng);
let keypair4 = KeyPair::new_with_rng(&mut rng);
let keypair5 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair3 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair4 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair5 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let mut builder = Biscuit::builder();
builder.add_fact(fact("right", &[string("file1"), string("read")]));
Expand Down Expand Up @@ -129,8 +129,8 @@ fn append_block_5(b: &mut Bencher) {

fn unverified_append_block_2(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let mut builder = Biscuit::builder();
builder.add_fact(fact("right", &[string("file1"), string("read")]));
Expand Down Expand Up @@ -164,11 +164,11 @@ fn unverified_append_block_2(b: &mut Bencher) {

fn unverified_append_block_5(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let keypair3 = KeyPair::new_with_rng(&mut rng);
let keypair4 = KeyPair::new_with_rng(&mut rng);
let keypair5 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair3 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair4 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair5 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let mut builder = Biscuit::builder();
builder.add_fact(fact("right", &[string("file1"), string("read")]));
Expand Down Expand Up @@ -218,8 +218,8 @@ fn unverified_append_block_5(b: &mut Bencher) {

fn verify_block_2(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let data = {
let mut builder = Biscuit::builder();
Expand Down Expand Up @@ -269,11 +269,11 @@ fn verify_block_2(b: &mut Bencher) {

fn verify_block_5(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let keypair3 = KeyPair::new_with_rng(&mut rng);
let keypair4 = KeyPair::new_with_rng(&mut rng);
let keypair5 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair3 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair4 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair5 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let data = {
let mut builder = Biscuit::builder();
Expand Down Expand Up @@ -348,8 +348,8 @@ fn verify_block_5(b: &mut Bencher) {

fn check_signature_2(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let data = {
let mut builder = Biscuit::builder();
Expand Down Expand Up @@ -390,11 +390,11 @@ fn check_signature_2(b: &mut Bencher) {

fn check_signature_5(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let keypair3 = KeyPair::new_with_rng(&mut rng);
let keypair4 = KeyPair::new_with_rng(&mut rng);
let keypair5 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair3 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair4 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair5 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let data = {
let mut builder = Biscuit::builder();
Expand Down Expand Up @@ -458,8 +458,8 @@ fn check_signature_5(b: &mut Bencher) {

fn checks_block_2(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let data = {
let mut builder = Biscuit::builder();
Expand Down Expand Up @@ -510,8 +510,8 @@ fn checks_block_2(b: &mut Bencher) {

fn checks_block_create_verifier2(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let data = {
let mut builder = Biscuit::builder();
Expand Down Expand Up @@ -553,8 +553,8 @@ fn checks_block_create_verifier2(b: &mut Bencher) {

fn checks_block_verify_only2(b: &mut Bencher) {
let mut rng: OsRng = OsRng;
let root = KeyPair::new_with_rng(&mut rng);
let keypair2 = KeyPair::new_with_rng(&mut rng);
let root = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);
let keypair2 = KeyPair::new_with_rng(Algorithm::Ed25519, &mut rng);

let data = {
let mut builder = Biscuit::builder();
Expand Down
Loading