main
_ 2021-01-17 18:31:47 -06:00
parent bc625095c7
commit 6b4f9e2b00
3 changed files with 14 additions and 8 deletions


@ -139,7 +139,7 @@ int happy_path () {
// even though the receiver has never seen the sub-key.
const auto root_pubkey = root_key.pubkey ();
auto verified_opt = Receiver::verify_cert_and_data (cert, signed_data, root_pubkey);
auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, cert, signed_data);
if (! verified_opt) {
cerr << "Receiver couldn't verify cert and data" << endl;
return 1;


@ -67,9 +67,9 @@ namespace BareMinimumCrypto::Receiver {
}
optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const ExpiringSignature & signed_cert,
const ExpiringSignature & signed_data,
const vector <uint8_t> & root_pubkey,
Instant now
) {
auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now);
@ -82,10 +82,10 @@ namespace BareMinimumCrypto::Receiver {
}
optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const ExpiringSignature & signed_cert,
const ExpiringSignature & signed_data,
const vector <uint8_t> & root_pubkey
const ExpiringSignature & signed_data
) {
return verify_cert_and_data (signed_cert, signed_data, root_pubkey, Instant::now ());
return verify_cert_and_data (root_pubkey, signed_cert, signed_data, Instant::now ());
}
}
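Review bot: After this change `verify_cert_and_data` takes the key first, but the unchanged call `verify_signed_data (signed_cert, root_pubkey, now)` in the four-argument overload still passes the payload first and the key second, so the two verification entry points now disagree on argument order. The types differ there, so a mix-up fails to compile, but `signed_cert` and `signed_data` are adjacent parameters of the same type `const ExpiringSignature &`, and the compiler cannot catch a caller that swaps them. I would add a comment above both overloads, for example `// signed_cert is checked against root_pubkey and yields the sub-key; signed_data is the message signed by that sub-key`, and consider moving `verify_signed_data` to key-first in a follow-up. The body of the four-argument overload continues outside the hunk, so the second half of that comment should be confirmed against the code that uses `subkey_opt`.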


@ -2,6 +2,7 @@
#include <optional>
#include <stdint.h>
#include <string>
#include <vector>
namespace BareMinimumCrypto {
@ -17,15 +18,20 @@ just compile them into the receiver app, too.
All the receiver does is receive combined cert-and-data messages,
and attempt to verify them. The subkeys used to directly sign the
data don't need to be saved, but should be logged.
data are disposable and not exposed to callers.
*/
namespace BareMinimumCrypto::Receiver {
using namespace std;
optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const ExpiringSignature & signed_cert,
const ExpiringSignature & signed_data,
const vector <uint8_t> & root_pubkey
const ExpiringSignature & signed_data
);
optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const string & json_string
);
}
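Review bot: The new `verify_cert_and_data (root_pubkey, json_string)` declaration has no comment stating its contract, and no definition for it appears in the implementation hunks shown for this commit, so it is either defined outside the visible hunks or still missing. `json_string` is presumably the untrusted wire message, so the header should say what a caller gets on malformed input, for example `// Parses a cert-and-data JSON message from an untrusted source; returns nullopt if parsing or either signature check fails.` Confirm that the implementation really lets no parser exception escape before documenting it that way. Separately, the reworded block comment drops the earlier advice that sub-keys should be logged; if that audit trail is still wanted for incident response, it would have to be produced inside the receiver, since the new wording says sub-keys are not exposed to callers.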