1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

use crate::{
    common::Limits,
    did::{Did, OnChainDidDetails},
    offchain_signatures::{schemes::*, SignatureParams},
    util::IncId,
};
use codec::{Decode, Encode, MaxEncodedLen};
use frame_support::{ensure, DebugNoBound};
use sp_runtime::DispatchResult;

use super::{
    AddOffchainSignaturePublicKey, Config, Error, Event, OffchainSignatureParams, Pallet,
    PublicKeys, RemoveOffchainSignaturePublicKey, SignatureParamsStorageKey,
};

pub type SignaturePublicKeyStorageKey = (Did, IncId);

/// Public key for different signature schemes. Currently, can be either `BBS`, `BBS+`, `Pointcheval-Sanders` or `BBDT16`.
#[derive(
    scale_info_derive::TypeInfo, Encode, Decode, Clone, PartialEq, Eq, DebugNoBound, MaxEncodedLen,
)]
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
#[cfg_attr(
    feature = "serde",
    serde(bound(serialize = "T: Sized", deserialize = "T: Sized"))
)]
#[scale_info(skip_type_params(T))]
#[scale_info(omit_prefix)]
pub enum OffchainPublicKey<T: Limits> {
    /// Public key for the BBS signature scheme.
    BBS(BBSPublicKey<T>),
    /// Public key for the BBS+ signature scheme.
    BBSPlus(BBSPlusPublicKey<T>),
    /// Public key for the Pointcheval-Sanders signature scheme.
    PS(PSPublicKey<T>),
    /// Public key for the BBDT16 signature scheme. This will be in group G1 and will be used to verify
    /// the validity proof of the MAC and not the MAC itself.
    BBDT16(BBDT16PublicKey<T>),
}

impl<T: Limits> OffchainPublicKey<T> {
    /// Returns underlying public key if it corresponds to the BBS scheme.
    pub fn into_bbs(self) -> Option<BBSPublicKey<T>> {
        self.try_into().ok()
    }

    /// Returns underlying public key if it corresponds to the BBS+ scheme.
    pub fn into_bbs_plus(self) -> Option<BBSPlusPublicKey<T>> {
        self.try_into().ok()
    }

    /// Returns underlying public key if it corresponds to the Pointcheval-Sanders scheme.
    pub fn into_ps(self) -> Option<PSPublicKey<T>> {
        self.try_into().ok()
    }

    /// Returns underlying public key if it corresponds to the BBDT16 scheme.
    pub fn into_bbdt16(self) -> Option<BBDT16PublicKey<T>> {
        self.try_into().ok()
    }

    /// Returns underlying **unchecked** bytes representation for a key corresponding to either signature scheme.
    pub fn bytes(&self) -> &[u8] {
        match self {
            Self::BBS(key) => &key.bytes[..],
            Self::BBSPlus(key) => &key.bytes[..],
            Self::PS(key) => &key.bytes[..],
            Self::BBDT16(key) => &key.bytes[..],
        }
    }

    /// Returns underlying parameters reference for a key corresponding to either signature scheme.
    pub fn params_ref(&self) -> Option<&SignatureParamsStorageKey> {
        let opt = match self {
            Self::BBS(bbs_key) => &bbs_key.params_ref,
            Self::BBSPlus(bbs_plus_key) => &bbs_plus_key.params_ref,
            Self::PS(ps_key) => &ps_key.params_ref,
            Self::BBDT16(key) => &key.params_ref,
        };

        opt.as_ref()
    }

    /// Returns `true` if supplied params have same scheme as the given key.
    pub fn params_match_scheme(&self, params: &OffchainSignatureParams<T>) -> bool {
        match self {
            Self::BBS(_) => matches!(params, OffchainSignatureParams::BBS(_)),
            Self::BBSPlus(_) => matches!(params, OffchainSignatureParams::BBSPlus(_)),
            Self::PS(_) => matches!(params, OffchainSignatureParams::PS(_)),
            Self::BBDT16(_) => matches!(params, OffchainSignatureParams::BBDT16(_)),
        }
    }

    /// Ensures that supplied key has a valid size and has constrained parameters.
    pub fn ensure_valid(&self) -> Result<(), Error<T>>
    where
        T: Config,
    {
        if let Some((did, params_id)) = self.params_ref() {
            let params =
                SignatureParams::<T>::get(did, params_id).ok_or(Error::<T>::ParamsDontExist)?;

            ensure!(
                self.params_match_scheme(&params),
                Error::<T>::IncorrectParamsScheme
            );
            // Note: Once we have more than 1 curve type, it should check that params and key
            // both have same curve type
        };

        Ok(())
    }
}

impl<T: Config> Pallet<T> {
    pub(super) fn add_public_key_(
        AddOffchainSignaturePublicKey {
            did: owner, key, ..
        }: AddOffchainSignaturePublicKey<T>,
        OnChainDidDetails { last_key_id, .. }: &mut OnChainDidDetails,
    ) -> DispatchResult {
        key.ensure_valid()?;

        PublicKeys::<T>::insert(owner, last_key_id.inc(), key);

        Self::deposit_event(Event::KeyAdded(owner, *last_key_id));
        Ok(())
    }

    pub(super) fn remove_public_key_(
        RemoveOffchainSignaturePublicKey {
            key_ref: (did, counter),
            did: owner,
            ..
        }: RemoveOffchainSignaturePublicKey<T>,
        _: &mut OnChainDidDetails,
    ) -> DispatchResult {
        ensure!(
            PublicKeys::<T>::contains_key(did, counter),
            Error::<T>::PublicKeyDoesntExist
        );

        ensure!(did == owner, Error::<T>::NotOwner);

        PublicKeys::<T>::remove(did, counter);

        Self::deposit_event(Event::KeyRemoved(owner, counter));
        Ok(())
    }

    pub fn did_public_keys(did: &Did) -> impl Iterator<Item = (IncId, OffchainPublicKey<T>)> {
        PublicKeys::<T>::iter_prefix(did)
    }
}