🚧 wip: working on serialization

2021-01-17 19:17:06 -06:00 · 2021-01-17 19:17:06 -06:00 · d7e9823678
parent 6b4f9e2b00
commit d7e9823678
3 changed files with 55 additions and 6 deletions
--- a/bare_minimum_crypto/cpp/bmc_test.cpp
+++ b/bare_minimum_crypto/cpp/bmc_test.cpp
@ -139,7 +139,19 @@ int happy_path () {
 	// even though the receiver has never seen the sub-key.
 	
 	const auto root_pubkey = root_key.pubkey ();
-	auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, cert, signed_data);
+	
+	const json j {
+		{"cert", {
+			{"sig_b64", base64_encode (cert.sig)},
+			{"payload_s", cert.cert_s},
+		}},
+		{"data", {
+			{"sig_b64", base64_encode (signed_data.sig)},
+			{"payload_s", signed_data.cert_s},
+		}},
+	};
+	
+	auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, j.dump ());
 	if (! verified_opt) {
 		cerr << "Receiver couldn't verify cert and data" << endl;
 		return 1;
--- a/bare_minimum_crypto/cpp/expiring_signature.h
+++ b/bare_minimum_crypto/cpp/expiring_signature.h
@ -4,6 +4,8 @@
 #include <string>
 #include <vector>

+#include "json.hpp"
+
 namespace BareMinimumCrypto {
 	using namespace std;
 	
--- a/bare_minimum_crypto/cpp/receiver.cpp
+++ b/bare_minimum_crypto/cpp/receiver.cpp
@ -17,8 +17,8 @@ namespace BareMinimumCrypto::Receiver {
 	}

 	optional <vector <uint8_t>> try_verify_signed_data (
-		const ExpiringSignature & sig,
 		const vector <uint8_t> & pubkey,
+		const ExpiringSignature & sig,
 		Instant now
 	) {
 		try_sodium_init ();
@ -54,12 +54,12 @@ namespace BareMinimumCrypto::Receiver {
 	}

 	optional <vector <uint8_t>> verify_signed_data (
-		const ExpiringSignature & sig,
 		const vector <uint8_t> & pubkey,
+		const ExpiringSignature & sig,
 		Instant now
 	) {
 		try {
-			return try_verify_signed_data (sig, pubkey, now);
+			return try_verify_signed_data (pubkey, sig, now);
 		}
 		catch (json::exception &) {
 			return nullopt;
@ -72,13 +72,13 @@ namespace BareMinimumCrypto::Receiver {
 		const ExpiringSignature & signed_data,
 		Instant now
 	) {
-		auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now);
+		auto subkey_opt = verify_signed_data (root_pubkey, signed_cert, now);
 		if (! subkey_opt) {
 			return nullopt;
 		}
 		const auto subkey = std::move (*subkey_opt);
 		
-		return verify_signed_data (signed_data, subkey, now);
+		return verify_signed_data (subkey, signed_data, now);
 	}
 	
 	optional <vector <uint8_t>> verify_cert_and_data (
@ -88,4 +88,39 @@ namespace BareMinimumCrypto::Receiver {
 	) {
 		return verify_cert_and_data (root_pubkey, signed_cert, signed_data, Instant::now ());
 	}
+	
+	optional <vector <uint8_t>> try_verify_cert_and_data (
+		const vector <uint8_t> & root_pubkey,
+		const string & json_string,
+		Instant now
+	) {
+		const json j = json::parse (json_string);
+		
+		ExpiringSignature cert;
+		
+		cert.sig = *base64_decode (j ["cert"]["sig_b64"]);
+		cert.cert_s = j ["cert"]["payload_s"];
+		
+		auto subkey_opt = verify_signed_data (root_pubkey, cert, now);
+		const auto subkey = std::move (*subkey_opt);
+		
+		ExpiringSignature data;
+		
+		data.sig = *base64_decode (j ["data"]["sig_b64"]);
+		data.cert_s = j ["data"]["payload_s"];
+		
+		return verify_signed_data (subkey, data, now);
+	}
+	
+	optional <vector <uint8_t>> verify_cert_and_data (
+		const vector <uint8_t> & root_pubkey,
+		const string & json_string
+	) {
+		try {
+			return try_verify_cert_and_data (root_pubkey, json_string, Instant::now ());
+		}
+		catch (json::exception &) {
+			return nullopt;
+		}
+	}
 }