From fe0d0d9d4e55533200cdd2781a576b77c1cffedc Mon Sep 17 00:00:00 2001
From: beltram <beltram.maldant@gmail.com>
Date: Mon, 15 Apr 2024 17:14:09 +0200
Subject: [PATCH] feat: add 'signature_public_key_len' &
 'validate_signature_key' to CryptoProvider

---
 openmls_rust_crypto/Cargo.toml      |  2 ++
 openmls_rust_crypto/src/provider.rs | 17 +++++++++++++++++
 traits/src/crypto.rs                | 11 +++++++++++
 3 files changed, 30 insertions(+)

diff --git a/openmls_rust_crypto/Cargo.toml b/openmls_rust_crypto/Cargo.toml
index 943d14b4cf..ea42ea3f5f 100644
--- a/openmls_rust_crypto/Cargo.toml
+++ b/openmls_rust_crypto/Cargo.toml
@@ -21,6 +21,7 @@ hmac = { version = "0.12" }
 ed25519-dalek = { version = "2.0.0-rc.3", features = ["rand_core"] }
 p256 = { version = "0.13" }
 p384 = { version = "0.13" }
+p521 = "0.13"
 hkdf = { version = "0.12" }
 rand_core = "0.6"
 rand_chacha = { version = "0.3" }
@@ -28,6 +29,7 @@ tls_codec = { workspace = true }
 zeroize = { version = "1.6", features = ["derive"] }
 signature = "2.1"
 thiserror = "1.0"
+generic-array = "0.14"
 
 [dependencies.hpke]
 git = "https://github.com/wireapp/rust-hpke.git"
diff --git a/openmls_rust_crypto/src/provider.rs b/openmls_rust_crypto/src/provider.rs
index 43b3ee7bcf..42f2c9aef8 100644
--- a/openmls_rust_crypto/src/provider.rs
+++ b/openmls_rust_crypto/src/provider.rs
@@ -274,6 +274,23 @@ impl OpenMlsCrypto for RustCrypto {
         }
     }
 
+    fn signature_public_key_len(&self, alg: SignatureScheme) -> usize {
+        use generic_array::typenum::Unsigned;
+        match alg {
+            SignatureScheme::ECDSA_SECP256R1_SHA256 => {
+                <p256::NistP256 as p256::elliptic_curve::Curve>::FieldBytesSize::to_usize()
+            }
+            SignatureScheme::ECDSA_SECP384R1_SHA384 => {
+                <p384::NistP384 as p384::elliptic_curve::Curve>::FieldBytesSize::to_usize()
+            }
+            SignatureScheme::ECDSA_SECP521R1_SHA512 => {
+                <p521::NistP521 as p521::elliptic_curve::Curve>::FieldBytesSize::to_usize()
+            }
+            SignatureScheme::ED25519 => ed25519_dalek::PUBLIC_KEY_LENGTH,
+            SignatureScheme::ED448 => 57,
+        }
+    }
+
     fn verify_signature(
         &self,
         alg: openmls_traits::types::SignatureScheme,
diff --git a/traits/src/crypto.rs b/traits/src/crypto.rs
index c804972517..20c69e6f34 100644
--- a/traits/src/crypto.rs
+++ b/traits/src/crypto.rs
@@ -77,6 +77,17 @@ pub trait OpenMlsCrypto {
     /// generation fails.
     fn signature_key_gen(&self, alg: SignatureScheme) -> Result<(Vec<u8>, Vec<u8>), CryptoError>;
 
+    /// Gives the length of a signature public key, in bytes
+    fn signature_public_key_len(&self, alg: SignatureScheme) -> usize;
+
+    /// Parses and validate a signature public key
+    fn validate_signature_key(&self, alg: SignatureScheme, key: &[u8]) -> Result<(), CryptoError> {
+        if self.signature_public_key_len(alg) != key.len() {
+            return Err(CryptoError::InvalidKey);
+        }
+        Ok(())
+    }
+
     /// Verify the signature
     ///
     /// Returns an error if the [`SignatureScheme`] is not supported or the