main
_ 2021-01-17 18:31:47 -06:00
parent bc625095c7
commit 6b4f9e2b00
3 changed files with 14 additions and 8 deletions

View File

@ -139,7 +139,7 @@ int happy_path () {
// even though the receiver has never seen the sub-key. // even though the receiver has never seen the sub-key.
const auto root_pubkey = root_key.pubkey (); const auto root_pubkey = root_key.pubkey ();
auto verified_opt = Receiver::verify_cert_and_data (cert, signed_data, root_pubkey); auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, cert, signed_data);
if (! verified_opt) { if (! verified_opt) {
cerr << "Receiver couldn't verify cert and data" << endl; cerr << "Receiver couldn't verify cert and data" << endl;
return 1; return 1;

View File

@ -67,9 +67,9 @@ namespace BareMinimumCrypto::Receiver {
} }
optional <vector <uint8_t>> verify_cert_and_data ( optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const ExpiringSignature & signed_cert, const ExpiringSignature & signed_cert,
const ExpiringSignature & signed_data, const ExpiringSignature & signed_data,
const vector <uint8_t> & root_pubkey,
Instant now Instant now
) { ) {
auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now); auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now);
@ -82,10 +82,10 @@ namespace BareMinimumCrypto::Receiver {
} }
optional <vector <uint8_t>> verify_cert_and_data ( optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const ExpiringSignature & signed_cert, const ExpiringSignature & signed_cert,
const ExpiringSignature & signed_data, const ExpiringSignature & signed_data
const vector <uint8_t> & root_pubkey
) { ) {
return verify_cert_and_data (signed_cert, signed_data, root_pubkey, Instant::now ()); return verify_cert_and_data (root_pubkey, signed_cert, signed_data, Instant::now ());
} }
} }

View File

@ -2,6 +2,7 @@
#include <optional> #include <optional>
#include <stdint.h> #include <stdint.h>
#include <string>
#include <vector> #include <vector>
namespace BareMinimumCrypto { namespace BareMinimumCrypto {
@ -17,15 +18,20 @@ just compile them into the receiver app, too.
All the receiver does is receive combined cert-and-data messages, All the receiver does is receive combined cert-and-data messages,
and attempt to verify them. The subkeys used to directly sign the and attempt to verify them. The subkeys used to directly sign the
data don't need to be saved, but should be logged. data are disposable and not exposed to callers.
*/ */
namespace BareMinimumCrypto::Receiver { namespace BareMinimumCrypto::Receiver {
using namespace std; using namespace std;
optional <vector <uint8_t>> verify_cert_and_data ( optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const ExpiringSignature & signed_cert, const ExpiringSignature & signed_cert,
const ExpiringSignature & signed_data, const ExpiringSignature & signed_data
const vector <uint8_t> & root_pubkey );
optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const string & json_string
); );
} }