🚧 wip

2021-01-17 18:31:47 -06:00 · 2021-01-17 18:31:47 -06:00 · 6b4f9e2b00
parent bc625095c7
commit 6b4f9e2b00
3 changed files with 14 additions and 8 deletions
--- a/bare_minimum_crypto/cpp/bmc_test.cpp
+++ b/bare_minimum_crypto/cpp/bmc_test.cpp
@ -139,7 +139,7 @@ int happy_path () {
 	// even though the receiver has never seen the sub-key.
 	const auto root_pubkey = root_key.pubkey ();
-	auto verified_opt = Receiver::verify_cert_and_data (cert, signed_data, root_pubkey);
+	auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, cert, signed_data);
 	if (! verified_opt) {
 		cerr << "Receiver couldn't verify cert and data" << endl;
 		return 1;
--- a/bare_minimum_crypto/cpp/receiver.cpp
+++ b/bare_minimum_crypto/cpp/receiver.cpp
@ -67,9 +67,9 @@ namespace BareMinimumCrypto::Receiver {
 	}
 	optional <vector <uint8_t>> verify_cert_and_data (
 		const vector <uint8_t> & root_pubkey,
 		const ExpiringSignature & signed_cert,
 		const ExpiringSignature & signed_data,
 		const vector <uint8_t> & root_pubkey,
 		Instant now
 	) {
 		auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now);
@ -82,10 +82,10 @@ namespace BareMinimumCrypto::Receiver {
 	}
 	optional <vector <uint8_t>> verify_cert_and_data (
 		const vector <uint8_t> & root_pubkey,
 		const ExpiringSignature & signed_cert,
-		const ExpiringSignature & signed_data,
+		const ExpiringSignature & signed_data
 		const vector <uint8_t> & root_pubkey
 	) {
-		return verify_cert_and_data (signed_cert, signed_data, root_pubkey, Instant::now ());
+		return verify_cert_and_data (root_pubkey, signed_cert, signed_data, Instant::now ());
 	}
 }
--- a/bare_minimum_crypto/cpp/receiver.h
+++ b/bare_minimum_crypto/cpp/receiver.h
@ -2,6 +2,7 @@
 #include <optional>
 #include <stdint.h>
 #include <string>
 #include <vector>
 namespace BareMinimumCrypto {
@ -17,15 +18,20 @@ just compile them into the receiver app, too.
 All the receiver does is receive combined cert-and-data messages,
 and attempt to verify them. The subkeys used to directly sign the
-data don't need to be saved, but should be logged.
+data are disposable and not exposed to callers.
 */
 namespace BareMinimumCrypto::Receiver {
 	using namespace std;
 	optional <vector <uint8_t>> verify_cert_and_data (
 		const vector <uint8_t> & root_pubkey,
 		const ExpiringSignature & signed_cert,
-		const ExpiringSignature & signed_data,
+		const ExpiringSignature & signed_data
-		const vector <uint8_t> & root_pubkey
+	);
 	optional <vector <uint8_t>> verify_cert_and_data (
 		const vector <uint8_t> & root_pubkey,
 		const string & json_string
 	);
 }