sui_sdk/
verify_personal_message_signature.rs

1// Copyright (c) Mysten Labs, Inc.
2// SPDX-License-Identifier: Apache-2.0
3
4use std::sync::Arc;
5
6use crate::error::Error;
7use shared_crypto::intent::{Intent, IntentMessage, PersonalMessage};
8use sui_rpc::Client;
9use sui_rpc::proto::sui::rpc::v2::{Bcs, UserSignature, VerifySignatureRequest};
10use sui_types::{
11    base_types::SuiAddress,
12    signature::{AuthenticatorTrait, GenericSignature, VerifyParams},
13    signature_verification::VerifiedDigestCache,
14};
15
16/// Verify a signature against a personal message bytes and the sui address.
17/// SuiClient is required to pass in if zkLogin signature is supplied.
18pub async fn verify_personal_message_signature(
19    signature: GenericSignature,
20    message: &[u8],
21    address: SuiAddress,
22    client: Option<Client>,
23) -> Result<(), Error> {
24    let intent_msg = IntentMessage::new(
25        Intent::personal_message(),
26        PersonalMessage {
27            message: message.to_vec(),
28        },
29    );
30    match signature {
31        GenericSignature::ZkLoginAuthenticator(ref _sig) => {
32            if let Some(mut client) = client {
33                let message = Bcs::serialize(&message)?.with_name("PersonalMessage");
34                let user_signature =
35                    UserSignature::default().with_bcs(Bcs::from(signature.as_ref().to_owned()));
36
37                let res = client
38                    .signature_verification_client()
39                    .verify_signature(
40                        VerifySignatureRequest::default()
41                            .with_address(address.to_string())
42                            .with_message(message)
43                            .with_signature(user_signature),
44                    )
45                    .await
46                    .map_err(|_| Error::InvalidSignature)?
47                    .into_inner();
48
49                if res.is_valid() {
50                    Ok(())
51                } else {
52                    Err(Error::InvalidSignature)
53                }
54            } else {
55                Err(Error::InvalidSignature)
56            }
57        }
58        _ => signature
59            .verify_claims::<PersonalMessage>(
60                &intent_msg,
61                address,
62                &VerifyParams::default(),
63                Arc::new(VerifiedDigestCache::new_empty()),
64            )
65            .map_err(|_| Error::InvalidSignature),
66    }
67}