fix: update schema, account for p256 in tests

bordumb · bordumb · commit 4d9e91e9fcfc · 2026-04-11T20:02:51.000+01:00
diff --git a/crates/auths-verifier/src/verify.rs b/crates/auths-verifier/src/verify.rs
@@ -7,7 +7,7 @@ use crate::error::AttestationError;
 use crate::types::{ChainLink, VerificationReport, VerificationStatus};
 #[cfg(feature = "native")]
 use crate::witness::WitnessVerifyConfig;
-use auths_crypto::{CryptoProvider, ED25519_PUBLIC_KEY_LEN};
+use auths_crypto::CryptoProvider;
 use auths_keri::{Event, compute_said, find_seal_in_kel};
 use chrono::{DateTime, Duration, Utc};
 use log::debug;
@@ -351,11 +351,19 @@ pub(crate) async fn verify_with_keys_at(
     }
 
     // --- 4. Check provided issuer public key length ---
-    if !att.identity_signature.is_empty() && issuer_pk_bytes.len() != ED25519_PUBLIC_KEY_LEN {
-        return Err(AttestationError::InvalidInput(format!(
-            "Provided issuer public key has invalid length: {}",
-            issuer_pk_bytes.len()
-        )));
+    if !att.identity_signature.is_empty() {
+        let curve = match issuer_pk_bytes.len() {
+            32 => auths_crypto::CurveType::Ed25519,
+            33 | 65 => auths_crypto::CurveType::P256,
+            n => {
+                return Err(AttestationError::InvalidInput(format!(
+                    "Provided issuer public key has invalid length: {n}"
+                )));
+            }
+        };
+        crate::core::DevicePublicKey::try_new(curve, issuer_pk_bytes).map_err(|e| {
+            AttestationError::InvalidInput(format!("Invalid issuer public key: {e}"))
+        })?;
     }
 
     // --- 5. Reconstruct and canonicalize data ---
diff --git a/schemas/identity-bundle-v1.json b/schemas/identity-bundle-v1.json
@@ -285,7 +285,7 @@
       }
     },
     "PublicKeyHex": {
-      "description": "A validated hex-encoded Ed25519 public key (64 hex chars = 32 bytes).\n\nUse `to_ed25519()` to convert to the byte-array `Ed25519PublicKey` type.",
+      "description": "A validated hex-encoded public key (64 hex chars for Ed25519, 66 for P-256 compressed).\n\nUse `to_ed25519()` to convert to the byte-array `Ed25519PublicKey` type.",
       "type": "string"
     },
     "Role": {
diff --git a/tests/e2e/test_ephemeral_signing.py b/tests/e2e/test_ephemeral_signing.py
@@ -26,7 +26,7 @@ def test_ephemeral_sign_and_verify():
 
         # Sign with ephemeral CI key
         sign_result = run([
-            "cargo", "run", "-p", "auths-cli", "--",
+            "cargo", "run", "-p", "auths-cli", "--bin", "auths", "--",
             "artifact", "sign", artifact_path,
             "--ci",
             "--ci-platform", "local",

Original file line number	Diff line number	Diff line change
`@@ -285,7 +285,7 @@`
`285`	`285`	`}`
`286`	`286`	`},`
`287`	`287`	`"PublicKeyHex": {`
`288`		- "description": "A validated hex-encoded Ed25519 public key (64 hex chars = 32 bytes).\n\nUse `to_ed25519()` to convert to the byte-array `Ed25519PublicKey` type.",
	`288`	+ "description": "A validated hex-encoded public key (64 hex chars for Ed25519, 66 for P-256 compressed).\n\nUse `to_ed25519()` to convert to the byte-array `Ed25519PublicKey` type.",
`289`	`289`	`"type": "string"`
`290`	`290`	`},`
`291`	`291`	`"Role": {`