Commit
Showing 5 changed files with 18 additions and 14 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,6 +20,7 @@ Our implementation was inspired by [Renaud Dubois/Ledger's FCL library](https:// | |
Available on any chain. If missing, see `deploy.sh`. | ||
|
||
Install with: | ||
|
||
- `forge install daimo-eth/p256-verifier` | ||
- add `p256-verifier/=lib/p256-verifier/src/` to remappings.txt | ||
|
||
|
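Review bot: the new install step tells the reader to add `p256-verifier/=lib/p256-verifier/src/` to remappings.txt but never shows the import path that remapping enables; a single line such as `import "p256-verifier/P256.sol";` after the two bullets would make the purpose of the prefix obvious and give readers a way to confirm the remapping resolves. It is also worth stating that the path assumes the default `forge install` location under `lib/`, since a project that vendors dependencies elsewhere will need a different right-hand side.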
@@ -33,7 +34,7 @@ uint256 x, y; // public key | |
bool valid = P256.verifySignature(hash, r, s, x, y); | ||
``` | ||
|
||
Alternately, calling `P256.verifySignatureAllowMalleability` ignores | ||
Alternately, calling `P256.verifySignatureAllowMalleability` ignores | ||
malleability of signatures, matching the behavior specified by the NIST standard | ||
exactly. | ||
|
||
|
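Review bot: the line beginning `Alternately, calling `P256.verifySignatureAllowMalleability` ignores` appears as both removed and added with no visible difference, which points to a whitespace-only edit; either leave that line out of the commit or make the intended change visible so reviewers are not guessing. While this paragraph is being touched, it should also say what the default `P256.verifySignature` rejects that `verifySignatureAllowMalleability` accepts, so integrators understand the trade-off before opting into the NIST-exact behaviour: a malleable signature can be valid under more than one encoding, which matters wherever the signature bytes are used as a uniqueness or replay key.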
@@ -51,7 +52,7 @@ Run `foundryup` to ensure you have the latest foundry. Then, | |
``` | ||
git clone --recurse-submodules [email protected]:daimo-eth/p256-verifier | ||
cd p256-verifier | ||
forge test -vv | ||
forge test --via-ir -vv | ||
``` | ||
|
||
This runs test input and output handling as well as all applicable Wycheproof | ||
|
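Review bot: changing the documented command to `forge test --via-ir -vv` means a plain `forge test` may now behave differently from what the README promises; setting `via_ir = true` in `foundry.toml` would make the flag unnecessary and keep local runs, CI and the README in step. If the flag is intentionally kept on the command line, a short sentence on why it is required would save the next contributor from rediscovering it.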
@@ -87,7 +88,7 @@ npm test | |
# Validate that all vectors also work with EIP-7212 | ||
# Test the fallback contract... | ||
cd .. | ||
forge test -vv | ||
forge test --via-ir -vv | ||
# In future, execution spec and clients can test against the same clean vectors | ||
``` | ||
|
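Review bot: this is the second copy of the `forge test --via-ir -vv` invocation in the README, and both copies have to be updated together whenever the flags change; consider having this script block point at the test section above, or at a `foundry.toml` setting, rather than repeating the command.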
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,9 +2,10 @@ | |
pragma solidity 0.8.21; | ||
|
||
/** | ||
* Helper library for external contracts to verify P256 signatures. | ||
* Tries to use RIP-7212 precompile if available on the chain, and if not falls | ||
* back to more expensive Solidity implementation. | ||
* @dev Helper library to verify P256 signatures. Uses the RIP-7212 precompile | ||
* if available. If unavailable (or if the signature is invalid), falls back to | ||
* a more expensive Solidity implementation. | ||
* @custom:security-contact [email protected] | ||
**/ | ||
library P256 { | ||
address constant PRECOMPILE = address(0x100); | ||
|
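Review bot: the new wording "If unavailable (or if the signature is invalid), falls back to a more expensive Solidity implementation" merges two different conditions, a chain with nothing at `address(0x100)` and a precompile that answered and rejected the signature. Falling back on a rejection means every invalid signature pays for both the precompile call and the full Solidity path, so the @dev text should state whether that is deliberate (for example, to tolerate a contract at that address that is not the RIP-7212 verifier) and what a caller should expect to pay in the invalid case. Separately, this file keeps the `**/` comment terminator on the unchanged context line while the sibling files in this commit switch to `*/`; align it.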
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,15 +3,16 @@ | |
pragma solidity 0.8.21; | ||
|
||
/** | ||
* This contract verifies P256 (secp256r1) signatures. It matches the exact | ||
* @dev This contract verifies P256 (secp256r1) signatures. It matches the exact | ||
* interface specified in the EIP-7212 precompile, allowing it to be used as a | ||
* fallback. It's based on Ledger's optimized implementation: | ||
* https://github.com/rdubois-crypto/FreshCryptoLib/tree/master/solidity | ||
**/ | ||
* @custom:security-contact [email protected] | ||
*/ | ||
contract P256Verifier { | ||
/** | ||
* Precompiles don't use a function signature. The first byte of callldata | ||
* is the first byte of an input argument. In this case: | ||
* @dev Precompiles don't use a function signature. The first byte of | ||
* calldata is the first byte of an input argument. In this case: | ||
* | ||
* input[ 0: 32] = signed data hash | ||
* input[ 32: 64] = signature r | ||
|
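Review bot: this header now describes the contract as matching the "EIP-7212 precompile" while the P256.sol header in the same commit says "RIP-7212 precompile"; pick one name for the spec across the repository so a reader searching for either term finds both files. The "callldata" to "calldata" fix and the `**/` to `*/` terminator change are both welcome, and the P256.sol header should receive the same terminator treatment.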
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,8 +5,9 @@ import "./utils/Base64URL.sol"; | |
import "./P256.sol"; | ||
|
||
/** | ||
* Helper library for external contracts to verify WebAuthn signatures. | ||
**/ | ||
* @dev Helper library for verify WebAuthn (aka passkey) signatures. | ||
* @custom:security-contact [email protected] | ||
*/ | ||
library WebAuthn { | ||
/// Checks whether prefix occurs in the beginning of str. | ||
function startsWith( | ||
|
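Review bot: the added NatSpec line reads "Helper library for verify WebAuthn (aka passkey) signatures"; it should read "for verifying WebAuthn (aka passkey) signatures". Because the @dev comment is what NatSpec tooling surfaces in generated documentation, the grammar slip would otherwise be published as-is.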