Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Signatures #515

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
janiejestemja wants to merge 33 commits into
base: release/0.0.7
Choose a base branch
from
Open

Signatures #515

janiejestemja wants to merge 33 commits into from

Conversation

@janiejestemja
Copy link
Collaborator

@janiejestemja janiejestemja commented Nov 29, 2025
edited
Loading

This PR contains

  • Addition of sha-256 based hkdf and hash function into cryptotrait
    • And some refactor of CryptoTrait return types
  • Addition of signatures into com hub and validation thereof when reading dxb-blocks from bytes (behind native-crypto feature flag)
    • And some async and error propagation due to that
  • Addition of human readable representations into cryptotrait (targeting Add fingerprint support #244)

The key pair for the signatures is generated for each block independently (randomly), whereas the public key is currently send alongside the signature within the DXBBlock, and the private key is disregarded after the signing operation. Therefore the signature field has currently a length of 108 bytes (64 for the signature, 44 for the public key) and can be done anonymously.

The signed data is a sha-256 hashed concatenation of the public key of the sender with the DXBBlocks body. This is kept minimal to not interfere with upcoming development.

For the encrypted signature the public key of the sender serves as input keying material to an hkdf (salted with zeros) to deterministically derive an encryption key for AES CTR, which is then used to encrypt the signature.

This will allow in later stages of the project to substitue the public key with a via DH derived secret, as well as the removal of the public key from the DXBBlock, which will reduce the size of the signature field of a DXBBlock to 64 bytes.

The datex-specification repository is brought roughly up to date about the changes, and a PR with glossary entries for the website about the cryptographic algorithms used is already set up here.

@github-actions
Copy link

github-actions bot commented Nov 29, 2025
edited
Loading

Test Results

578 tests  +5   578 ✅ +5   1m 12s ⏱️ +2s
  6 suites ±0     0 💤 ±0 
  1 files   ±0     0 ❌ ±0 

Results for commit 4ec51f7. ± Comparison against base commit 0509b11.

♻️ This comment has been updated with latest results.

@github-actions
Copy link

github-actions bot commented Nov 29, 2025
edited
Loading

🐰 Bencher Report

Branchfeat/signatures
Testbedubuntu-latest
Click to view all benchmark results
BenchmarkLatencyBenchmark Result
microseconds (µs)
(Result Δ%)		Upper Boundary
microseconds (µs)
(Limit %)
dxb to json/test1.json📈 view plot
🚷 view threshold		64.26 µs
(+0.22%)Baseline: 64.11 µs
66.53 µs
(96.58%)
dxb to json/test2.json📈 view plot
🚷 view threshold		13,502.00 µs
(+1.32%)Baseline: 13,325.71 µs
13,806.18 µs
(97.80%)
dxb to json/test3.json📈 view plot
🚷 view threshold		142,670.00 µs
(-0.10%)Baseline: 142,807.14 µs
147,782.20 µs
(96.54%)
dxb to runtime value/test1.json📈 view plot
🚷 view threshold		57.57 µs
(+43.55%)Baseline: 40.11 µs
62.67 µs
(91.87%)
dxb to runtime value/test2.json📈 view plot
🚷 view threshold		16,530.00 µs
(+47.56%)Baseline: 11,202.00 µs
18,159.80 µs
(91.03%)
dxb to runtime value/test3.json📈 view plot
🚷 view threshold		164,650.00 µs
(+69.44%)Baseline: 97,171.86 µs
183,903.23 µs
(89.53%)
json to dxb/test1.json📈 view plot
🚷 view threshold		7,901.00 µs
(+370.73%)Baseline: 1,678.45 µs
9,662.11 µs
(81.77%)
json to dxb/test2.json📈 view plot
🚷 view threshold		8,245,000.00 µs
(+515.54%)Baseline: 1,339,480.00 µs
10,199,194.56 µs
(80.84%)
json to dxb/test3.json📈 view plot
🚷 view threshold		47,575,000.00 µs
(+463.84%)Baseline: 8,437,642.86 µs
58,650,461.82 µs
(81.12%)
json to runtime value datex auto static detection/test1.json📈 view plot
🚷 view threshold		7,944.70 µs
(+369.46%)Baseline: 1,692.29 µs
9,714.09 µs
(81.79%)
json to runtime value datex auto static detection/test2.json📈 view plot
🚷 view threshold		8,247,100.00 µs
(+513.23%)Baseline: 1,344,867.14 µs
10,200,366.32 µs
(80.85%)
json to runtime value datex auto static detection/test3.json📈 view plot
🚷 view threshold		47,276,000.00 µs
(+459.00%)Baseline: 8,457,271.43 µs
58,261,319.50 µs
(81.14%)
json to runtime value datex forced static/test1.json📈 view plot
🚷 view threshold		7,636.50 µs
(+365.01%)Baseline: 1,642.22 µs
9,332.83 µs
(81.82%)
json to runtime value datex forced static/test2.json📈 view plot
🚷 view threshold		8,069,100.00 µs
(+512.94%)Baseline: 1,316,461.43 µs
9,980,032.40 µs
(80.85%)
json to runtime value datex forced static/test3.json📈 view plot
🚷 view threshold		46,327,000.00 µs
(+459.58%)Baseline: 8,278,942.86 µs
57,094,211.13 µs
(81.14%)
json to runtime value datex/test1.json📈 view plot
🚷 view threshold		7,824.30 µs
(+365.87%)Baseline: 1,679.51 µs
9,563.22 µs
(81.82%)
json to runtime value datex/test2.json📈 view plot
🚷 view threshold		8,254,400.00 µs
(+511.85%)Baseline: 1,349,084.29 µs
10,208,540.50 µs
(80.86%)
json to runtime value datex/test3.json📈 view plot
🚷 view threshold		47,367,000.00 µs
(+457.94%)Baseline: 8,489,685.71 µs
58,368,882.71 µs
(81.15%)
json to runtime value json_syntax/test1.json📈 view plot
🚷 view threshold		21.94 µs
(+7.70%)Baseline: 20.37 µs
22.58 µs
(97.16%)
json to runtime value json_syntax/test2.json📈 view plot
🚷 view threshold		6,752.10 µs
(+2.53%)Baseline: 6,585.27 µs
7,058.29 µs
(95.66%)
json to runtime value json_syntax/test3.json📈 view plot
🚷 view threshold		70,039.00 µs
(-14.80%)Baseline: 82,201.00 µs
97,967.46 µs
(71.49%)
json to runtime value serde_json/test1.json📈 view plot
🚷 view threshold		6.46 µs
(+2.20%)Baseline: 6.32 µs
6.61 µs
(97.63%)
json to runtime value serde_json/test2.json📈 view plot
🚷 view threshold		2,019.10 µs
(-4.86%)Baseline: 2,122.16 µs
2,260.17 µs
(89.33%)
json to runtime value serde_json/test3.json📈 view plot
🚷 view threshold		14,904.00 µs
(-8.21%)Baseline: 16,236.29 µs
18,553.44 µs
(80.33%)
runtime init📈 view plot
🚷 view threshold		31.28 µs
(-77.39%)Baseline: 138.33 µs
1,198.65 µs
(2.61%)
runtime value to dxb/test1.json📈 view plot
🚷 view threshold		6.10 µs
(+64.96%)Baseline: 3.70 µs
6.78 µs
(89.97%)
runtime value to dxb/test2.json📈 view plot
🚷 view threshold		1,764.50 µs
(+77.67%)Baseline: 993.12 µs
1,982.86 µs
(88.99%)
runtime value to dxb/test3.json📈 view plot
🚷 view threshold		19,130.00 µs
(+87.88%)Baseline: 10,182.21 µs
21,700.92 µs
(88.15%)
runtime value to json datex/test1.json📈 view plot
🚷 view threshold		71.89 µs
(+4.47%)Baseline: 68.81 µs
73.73 µs
(97.51%)
runtime value to json datex/test2.json📈 view plot
🚷 view threshold		15,529.00 µs
(+7.29%)Baseline: 14,473.57 µs
15,915.52 µs
(97.57%)
runtime value to json datex/test3.json📈 view plot
🚷 view threshold		161,230.00 µs
(+4.07%)Baseline: 154,931.43 µs
164,564.58 µs
(97.97%)
runtime value to json json_syntax/test1.json📈 view plot
🚷 view threshold		10.84 µs
(+0.81%)Baseline: 10.76 µs
11.07 µs
(97.97%)
runtime value to json json_syntax/test2.json📈 view plot
🚷 view threshold		4,409.10 µs
(-2.78%)Baseline: 4,535.03 µs
4,754.81 µs
(92.73%)
runtime value to json json_syntax/test3.json📈 view plot
🚷 view threshold		60,582.00 µs
(-4.29%)Baseline: 63,298.57 µs
70,706.95 µs
(85.68%)
runtime value to json serde_json/test1.json📈 view plot
🚷 view threshold		3.74 µs
(+22.53%)Baseline: 3.05 µs
4.01 µs
(93.24%)
runtime value to json serde_json/test2.json📈 view plot
🚷 view threshold		1,397.70 µs
(+33.34%)Baseline: 1,048.22 µs
1,526.08 µs
(91.59%)
runtime value to json serde_json/test3.json📈 view plot
🚷 view threshold		16,476.00 µs
(+49.96%)Baseline: 10,986.99 µs
18,334.62 µs
(89.86%)
🐰 View full continuous benchmarking report in Bencher

janiejestemja
janiejestemja commented Dec 1, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 1, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 4, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 5, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 9, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 9, 2025
View reviewed changes
@jonasstrehle jonasstrehle self-requested a review December 10, 2025 08:18
jonasstrehle
jonasstrehle requested changes Dec 10, 2025
View reviewed changes
@janiejestemja janiejestemja mentioned this pull request Dec 11, 2025
Open
janiejestemja
janiejestemja commented Dec 11, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 13, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 13, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 13, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 13, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 13, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 13, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 13, 2025
View reviewed changes
janiejestemja
janiejestemja commented Dec 15, 2025
View reviewed changes
@janiejestemja janiejestemja marked this pull request as ready for review December 16, 2025 10:36
@janiejestemja
Copy link
Collaborator Author

janiejestemja commented Dec 16, 2025

@jonasstrehle Thanks for taking the time to review the earlier drafts already. 🥳

What i failed at is...

...For this to work, we must come up with a better solution how to store the raw byte parts in the DXBBlock, as there exist different states of the data (serialized, encrypted raw, unencrypted raw)...

...instead of coming up with a better solution i just went with the preexisting structure. 👀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jonasstrehle jonasstrehle Awaiting requested review from jonasstrehle

@benStre benStre Awaiting requested review from benStre

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@janiejestemja @jonasstrehle