update: establishing the receiver role clearly

2021-01-17 18:00:45 -06:00 · 2021-01-17 18:00:45 -06:00 · bc625095c7
parent fb1e133ca1
commit bc625095c7
8 changed files with 189 additions and 112 deletions
--- a/bare_minimum_crypto/cpp/Makefile
+++ b/bare_minimum_crypto/cpp/Makefile
@ -5,15 +5,24 @@ CXX_FLAGS=$(FLAGS) -c
 L_FLAGS=$(FLAGS)
 LIBS=-lsodium

-bmc_test: bmc_test.o base64.o string_helpers.o time_helpers.o
+bmc_test: bmc_test.o base64.o expiring_signature.o receiver.o sodium_helpers.o string_helpers.o time_helpers.o
 	$(CXX) -o $@ $^ $(L_FLAGS) $(LIBS)

-bmc_test.o: bmc_test.cpp string_helpers.h time_helpers.h
+bmc_test.o: bmc_test.cpp expiring_signature.h receiver.h sodium_helpers.h string_helpers.h time_helpers.h
 	$(CXX) -o $@ $(CXX_FLAGS) $<

 base64.o: cpp-base64/base64.cpp cpp-base64/base64.h
 	$(CXX) -o $@ $(CXX_FLAGS) $<

+expiring_signature.o: expiring_signature.cpp expiring_signature.h
+	$(CXX) -o $@ $(CXX_FLAGS) $<
+
+receiver.o: receiver.cpp receiver.h expiring_signature.h sodium_helpers.h string_helpers.h time_helpers.h
+	$(CXX) -o $@ $(CXX_FLAGS) $<
+
+sodium_helpers.o: sodium_helpers.cpp sodium_helpers.h
+	$(CXX) -o $@ $(CXX_FLAGS) $<
+
 string_helpers.o: string_helpers.cpp string_helpers.h cpp-base64/base64.h
 	$(CXX) -o $@ $(CXX_FLAGS) $<

@ -21,5 +30,5 @@ time_helpers.o: time_helpers.cpp time_helpers.h
 	$(CXX) -o $@ $(CXX_FLAGS) $<

 clean:
-	rm -f bmc_test bmc_test.o base64.o string_helpers.o
+	rm -f bmc_test bmc_test.o base64.o expiring_signature.o receiver.o sodium_helpers.o string_helpers.o time_helpers.o

--- a/bare_minimum_crypto/cpp/bmc_test.cpp
+++ b/bare_minimum_crypto/cpp/bmc_test.cpp
@ -7,9 +7,12 @@

 #include <sodium.h>

-#include "cpp-base64/base64.h"
+// #include "cpp-base64/base64.h"
 #include "json.hpp"

+#include "expiring_signature.h"
+#include "receiver.h"
+#include "sodium_helpers.h"
 #include "string_helpers.h"
 #include "time_helpers.h"

@ -18,113 +21,6 @@ using nlohmann::json;

 using namespace BareMinimumCrypto;

-struct ExpiringSignature {
-	string cert_s;
-	vector <uint8_t> sig;
-	
-	// C++ nonsense
-	bool operator == (const ExpiringSignature & o) const {
-		return
-			cert_s == o.cert_s &&
-			sig == o.sig
-		;
-	}
-	
-	bool operator != (const ExpiringSignature & o) const {
-		return ! (*this == o);
-	}
-};
-
-void try_sodium_init () {
-	if (sodium_init () < 0) {
-		throw std::runtime_error ("Can't initialize libsodium");
-	}
-}
-
-bool is_pubkey_length (const vector <uint8_t> & v) {
-	return v.size () == crypto_sign_PUBLICKEYBYTES;
-}
-
-optional <vector <uint8_t>> try_verify_signed_data (
-	const ExpiringSignature & sig,
-	const vector <uint8_t> & pubkey,
-	Instant now
-) {
-	try_sodium_init ();
-	
-	if (! is_pubkey_length (pubkey)) {
-		return nullopt;
-	}
-	
-	if (crypto_sign_verify_detached (
-		sig.sig.data (),
-		(const uint8_t *)sig.cert_s.data (),
-		sig.cert_s.size (),
-		pubkey.data ()
-	) != 0) {
-		return nullopt;
-	}
-	
-	const json j = json::parse (sig.cert_s);
-	
-	const TimeRange tr {
-		j ["not_before"],
-		j ["not_after"]
-	};
-	
-	if (! tr.contains (now)) {
-		return nullopt;
-	}
-	
-	const string payload_b64 = j ["payload_b64"];
-	const auto payload = std::move (*BareMinimumCrypto::base64_decode (payload_b64));
-	
-	return payload;
-}
-
-optional <vector <uint8_t>> verify_signed_data (
-	const ExpiringSignature & sig,
-	const vector <uint8_t> & pubkey,
-	Instant now
-) {
-	try {
-		return try_verify_signed_data (sig, pubkey, now);
-	}
-	catch (json::exception &) {
-		return nullopt;
-	}
-}
-
-optional <vector <uint8_t>> verify_cert_and_data (
-	const ExpiringSignature & signed_cert,
-	const ExpiringSignature & signed_data,
-	const vector <uint8_t> & root_pubkey,
-	Instant now
-) {
-	auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now);
-	if (! subkey_opt) {
-		return nullopt;
-	}
-	const auto subkey = std::move (*subkey_opt);
-	
-	return verify_signed_data (signed_data, subkey, now);
-}
-
-optional <vector <uint8_t>> verify_cert_and_data (
-	const ExpiringSignature & signed_cert,
-	const ExpiringSignature & signed_data,
-	const vector <uint8_t> & root_pubkey
-) {
-	return verify_cert_and_data (signed_cert, signed_data, root_pubkey, Instant::now ());
-}
-
-optional <vector <uint8_t>> verify_signed_data (
-	const ExpiringSignature & sig,
-	const vector <uint8_t> & pubkey
-) {
-	return verify_signed_data (sig, pubkey, Instant::now ());
-}
-
 class SigningKey {
 	vector <uint8_t> pk;
 	vector <uint8_t> sk;
@ -243,7 +139,7 @@ int happy_path () {
 	// even though the receiver has never seen the sub-key.
 	
 	const auto root_pubkey = root_key.pubkey ();
-	auto verified_opt = verify_cert_and_data (cert, signed_data, root_pubkey);
+	auto verified_opt = Receiver::verify_cert_and_data (cert, signed_data, root_pubkey);
 	if (! verified_opt) {
 		cerr << "Receiver couldn't verify cert and data" << endl;
 		return 1;
--- a/bare_minimum_crypto/cpp/expiring_signature.cpp
+++ b/bare_minimum_crypto/cpp/expiring_signature.cpp
@ -0,0 +1,15 @@
+#include "expiring_signature.h"
+
+namespace BareMinimumCrypto {
+	// C++ nonsense
+	bool ExpiringSignature::operator == (const ExpiringSignature & o) const {
+		return
+			cert_s == o.cert_s &&
+			sig == o.sig
+		;
+	}
+	
+	bool ExpiringSignature::operator != (const ExpiringSignature & o) const {
+		return ! (*this == o);
+	}
+}
--- a/bare_minimum_crypto/cpp/expiring_signature.h
+++ b/bare_minimum_crypto/cpp/expiring_signature.h
@ -0,0 +1,17 @@
+#pragma once
+
+#include <stdint.h>
+#include <string>
+#include <vector>
+
+namespace BareMinimumCrypto {
+	using namespace std;
+	
+	struct ExpiringSignature {
+		string cert_s;
+		vector <uint8_t> sig;
+		
+		bool operator == (const ExpiringSignature & o) const;
+		bool operator != (const ExpiringSignature & o) const;
+	};
+}
--- a/bare_minimum_crypto/cpp/receiver.cpp
+++ b/bare_minimum_crypto/cpp/receiver.cpp
@ -0,0 +1,91 @@
+#include "receiver.h"
+
+#include <sodium.h>
+
+#include "json.hpp"
+
+#include "expiring_signature.h"
+#include "sodium_helpers.h"
+#include "string_helpers.h"
+#include "time_helpers.h"
+
+namespace BareMinimumCrypto::Receiver {
+	using nlohmann::json;
+	
+	bool is_pubkey_length (const vector <uint8_t> & v) {
+		return v.size () == crypto_sign_PUBLICKEYBYTES;
+	}
+
+	optional <vector <uint8_t>> try_verify_signed_data (
+		const ExpiringSignature & sig,
+		const vector <uint8_t> & pubkey,
+		Instant now
+	) {
+		try_sodium_init ();
+		
+		if (! is_pubkey_length (pubkey)) {
+			return nullopt;
+		}
+		
+		if (crypto_sign_verify_detached (
+			sig.sig.data (),
+			(const uint8_t *)sig.cert_s.data (),
+			sig.cert_s.size (),
+			pubkey.data ()
+		) != 0) {
+			return nullopt;
+		}
+		
+		const json j = json::parse (sig.cert_s);
+		
+		const TimeRange tr {
+			j ["not_before"],
+			j ["not_after"]
+		};
+		
+		if (! tr.contains (now)) {
+			return nullopt;
+		}
+		
+		const string payload_b64 = j ["payload_b64"];
+		const auto payload = std::move (*BareMinimumCrypto::base64_decode (payload_b64));
+		
+		return payload;
+	}
+
+	optional <vector <uint8_t>> verify_signed_data (
+		const ExpiringSignature & sig,
+		const vector <uint8_t> & pubkey,
+		Instant now
+	) {
+		try {
+			return try_verify_signed_data (sig, pubkey, now);
+		}
+		catch (json::exception &) {
+			return nullopt;
+		}
+	}
+	
+	optional <vector <uint8_t>> verify_cert_and_data (
+		const ExpiringSignature & signed_cert,
+		const ExpiringSignature & signed_data,
+		const vector <uint8_t> & root_pubkey,
+		Instant now
+	) {
+		auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now);
+		if (! subkey_opt) {
+			return nullopt;
+		}
+		const auto subkey = std::move (*subkey_opt);
+		
+		return verify_signed_data (signed_data, subkey, now);
+	}
+	
+	optional <vector <uint8_t>> verify_cert_and_data (
+		const ExpiringSignature & signed_cert,
+		const ExpiringSignature & signed_data,
+		const vector <uint8_t> & root_pubkey
+	) {
+		return verify_cert_and_data (signed_cert, signed_data, root_pubkey, Instant::now ());
+	}
+}
--- a/bare_minimum_crypto/cpp/receiver.h
+++ b/bare_minimum_crypto/cpp/receiver.h
@ -0,0 +1,31 @@
+#pragma once
+
+#include <optional>
+#include <stdint.h>
+#include <vector>
+
+namespace BareMinimumCrypto {
+	struct ExpiringSignature;
+}
+
+// Structs and functions for the receiver role.
+
+/*
+The receiver needs to keep at least one root pubkey saved to
+non-volatile memory. Since root keys are long-lived, you can
+just compile them into the receiver app, too.
+
+All the receiver does is receive combined cert-and-data messages,
+and attempt to verify them. The subkeys used to directly sign the
+data don't need to be saved, but should be logged.
+*/
+
+namespace BareMinimumCrypto::Receiver {
+	using namespace std;
+	
+	optional <vector <uint8_t>> verify_cert_and_data (
+		const ExpiringSignature & signed_cert,
+		const ExpiringSignature & signed_data,
+		const vector <uint8_t> & root_pubkey
+	);
+}
--- a/bare_minimum_crypto/cpp/sodium_helpers.cpp
+++ b/bare_minimum_crypto/cpp/sodium_helpers.cpp
@ -0,0 +1,13 @@
+#include "sodium_helpers.h"
+
+#include <stdexcept>
+
+#include <sodium.h>
+
+namespace BareMinimumCrypto {
+	void try_sodium_init () {
+		if (sodium_init () < 0) {
+			throw std::runtime_error ("Can't initialize libsodium");
+		}
+	}
+}
--- a/bare_minimum_crypto/cpp/sodium_helpers.h
+++ b/bare_minimum_crypto/cpp/sodium_helpers.h
@ -0,0 +1,5 @@
+#pragma once
+
+namespace BareMinimumCrypto {
+	void try_sodium_init ();
+}