Expose Ed25519PublicKey (#695)

aws · Feb 13, 2025 · 5337f14 · 5337f14
1 parent 33614e2
commit 5337f14
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 9 deletions.
diff --git a/aws-lc-rs/src/ed25519.rs b/aws-lc-rs/src/ed25519.rs
@@ -117,6 +117,7 @@ impl Debug for Seed<'_> {
 
 #[derive(Clone)]
 #[allow(clippy::module_name_repetitions)]
+/// Ed25519 Public Key
 pub struct PublicKey {
     evp_pkey: LcPtr<EVP_PKEY>,
     public_key_bytes: [u8; ED25519_PUBLIC_KEY_LEN],

diff --git a/aws-lc-rs/src/signature.rs b/aws-lc-rs/src/signature.rs
@@ -253,7 +253,8 @@ pub use crate::ec::signature::{
     EcdsaSigningAlgorithm, EcdsaVerificationAlgorithm, PublicKey as EcdsaPublicKey,
 };
 pub use crate::ed25519::{
-    Ed25519KeyPair, EdDSAParameters, Seed as Ed25519Seed, ED25519_PUBLIC_KEY_LEN,
+    Ed25519KeyPair, EdDSAParameters, PublicKey as Ed25519PublicKey, Seed as Ed25519Seed,
+    ED25519_PUBLIC_KEY_LEN,
 };
 use crate::{digest, ec, error, hex, rsa, sealed};
 

diff --git a/aws-lc-rs/tests/aead_test.rs b/aws-lc-rs/tests/aead_test.rs
@@ -189,14 +189,10 @@ fn test_aead<Seal, Open>(
         // Debug builds are too slow for this, so for those builds, only
         // test a smaller subset.
 
-        let mut more_comprehensive_in_prefix_lengths = vec![0; 4096].into_boxed_slice();
+        let more_comprehensive_in_prefix_lengths: Box<[usize]> = (1..4096).collect();
         let in_prefix_lengths = if cfg!(any(debug_assertions, disable_slow_tests)) {
             &MINIMAL_IN_PREFIX_LENS[..]
         } else {
-            #[allow(clippy::needless_range_loop)]
-            for b in 0..more_comprehensive_in_prefix_lengths.len() {
-                more_comprehensive_in_prefix_lengths[b] = b;
-            }
             &more_comprehensive_in_prefix_lengths[..]
         };
         let mut o_in_out = vec![123u8; 4096];

diff --git a/aws-lc-rs/tests/ed25519_tests.rs b/aws-lc-rs/tests/ed25519_tests.rs
@@ -3,9 +3,9 @@
 // Modifications copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0 OR ISC
 
-use aws_lc_rs::encoding::{AsBigEndian, Curve25519SeedBin};
+use aws_lc_rs::encoding::{AsBigEndian, AsDer, Curve25519SeedBin};
 use aws_lc_rs::rand::SystemRandom;
-use aws_lc_rs::signature::{self, Ed25519KeyPair, KeyPair};
+use aws_lc_rs::signature::{self, Ed25519KeyPair, KeyPair, VerificationAlgorithm, ED25519};
 use aws_lc_rs::{error, test, test_file};
 
 #[test]
@@ -179,9 +179,23 @@ fn ed25519_test_public_key_coverage() {
         "PublicKey(\"0590d26d769c711c3d8cbffc41f5b4665d63feb3d17765c3b630d50bf5c188fb\")";
 
     let key_pair = Ed25519KeyPair::from_pkcs8_maybe_unchecked(PRIVATE_KEY).unwrap();
+    let message = b"Hello world!";
+    let sig = key_pair.sign(message);
+
+    let public_key = key_pair.public_key();
+    let public_key_raw_bytes = public_key.as_ref();
+    let public_key_x509 = public_key.as_der().unwrap();
+    let public_key_x509_bytes = public_key_x509.as_ref();
 
     // Test `AsRef<[u8]>`
-    assert_eq!(key_pair.public_key().as_ref(), PUBLIC_KEY);
+    assert_eq!(public_key_raw_bytes, PUBLIC_KEY);
+
+    assert!(ED25519
+        .verify_sig(public_key_raw_bytes, message, sig.as_ref())
+        .is_ok());
+    assert!(ED25519
+        .verify_sig(public_key_x509_bytes, message, sig.as_ref())
+        .is_ok());
 
     // Test `Clone`.
     #[allow(clippy::clone_on_copy)]