🚧 wip: working on serialization

main
_ 2021-01-17 19:17:06 -06:00
parent 6b4f9e2b00
commit d7e9823678
3 changed files with 55 additions and 6 deletions


@ -139,7 +139,19 @@ int happy_path () {
// even though the receiver has never seen the sub-key.
const auto root_pubkey = root_key.pubkey ();
auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, cert, signed_data);
const json j {
{"cert", {
{"sig_b64", base64_encode (cert.sig)},
{"payload_s", cert.cert_s},
}},
{"data", {
{"sig_b64", base64_encode (signed_data.sig)},
{"payload_s", signed_data.cert_s},
}},
};
auto verified_opt = Receiver::verify_cert_and_data (root_pubkey, j.dump ());
if (! verified_opt) {
cerr << "Receiver couldn't verify cert and data" << endl;
return 1;
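Review bot: Only a well-formed envelope is exercised here: `happy_path` builds valid JSON and checks that `verify_cert_and_data (root_pubkey, j.dump ())` succeeds, yet the string overload parses input the receiver does not control. Unless a rejection case already exists outside this hunk, add one that expects `nullopt`, for example `if (Receiver::verify_cert_and_data (root_pubkey, "not json")) { return 1; }`. Similar cases for an invalid `sig_b64` value and for a cert that does not verify under `root_pubkey` would pin the failure paths. The body of `happy_path` starts and ends outside the hunk.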


@ -4,6 +4,8 @@
#include <string>
#include <vector>
#include "json.hpp"
namespace BareMinimumCrypto {
using namespace std;


@ -17,8 +17,8 @@ namespace BareMinimumCrypto::Receiver {
}
optional <vector <uint8_t>> try_verify_signed_data (
const ExpiringSignature & sig,
const vector <uint8_t> & pubkey,
const ExpiringSignature & sig,
Instant now
) {
try_sodium_init ();
@ -54,12 +54,12 @@ namespace BareMinimumCrypto::Receiver {
}
optional <vector <uint8_t>> verify_signed_data (
const ExpiringSignature & sig,
const vector <uint8_t> & pubkey,
const ExpiringSignature & sig,
Instant now
) {
try {
return try_verify_signed_data (sig, pubkey, now);
return try_verify_signed_data (pubkey, sig, now);
}
catch (json::exception &) {
return nullopt;
@ -72,13 +72,13 @@ namespace BareMinimumCrypto::Receiver {
const ExpiringSignature & signed_data,
Instant now
) {
auto subkey_opt = verify_signed_data (signed_cert, root_pubkey, now);
auto subkey_opt = verify_signed_data (root_pubkey, signed_cert, now);
if (! subkey_opt) {
return nullopt;
}
const auto subkey = std::move (*subkey_opt);
return verify_signed_data (signed_data, subkey, now);
return verify_signed_data (subkey, signed_data, now);
}
optional <vector <uint8_t>> verify_cert_and_data (
@ -88,4 +88,39 @@ namespace BareMinimumCrypto::Receiver {
) {
return verify_cert_and_data (root_pubkey, signed_cert, signed_data, Instant::now ());
}
optional <vector <uint8_t>> try_verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const string & json_string,
Instant now
) {
const json j = json::parse (json_string);
ExpiringSignature cert;
cert.sig = *base64_decode (j ["cert"]["sig_b64"]);
cert.cert_s = j ["cert"]["payload_s"];
auto subkey_opt = verify_signed_data (root_pubkey, cert, now);
const auto subkey = std::move (*subkey_opt);
ExpiringSignature data;
data.sig = *base64_decode (j ["data"]["sig_b64"]);
data.cert_s = j ["data"]["payload_s"];
return verify_signed_data (subkey, data, now);
}
optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const string & json_string
) {
try {
return try_verify_cert_and_data (root_pubkey, json_string, Instant::now ());
}
catch (json::exception &) {
return nullopt;
}
}
}
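Review bot: In the new `try_verify_cert_and_data`, `subkey_opt` is dereferenced by `std::move (*subkey_opt)` without the `if (! subkey_opt) return nullopt;` guard that the `ExpiringSignature` overload of `verify_cert_and_data` has, so a cert that fails verification causes undefined behaviour instead of a clean rejection. Both `*base64_decode (...)` results are dereferenced unchecked too, which looks like the same problem if `base64_decode` returns an optional. `json.hpp` appears to be nlohmann/json, where `operator[]` on a `const json` with a missing key does not throw, so the wrapper's `catch (json::exception &)` would not cover an absent field; `.at ()` throws `json::out_of_range`, which the wrapper does catch. The fence shows the guarded version of the body.

```cpp
const json j = json::parse (json_string);

// … unchanged: ExpiringSignature cert; …
auto cert_sig_opt = base64_decode (j.at ("cert").at ("sig_b64"));
if (! cert_sig_opt) {
	return nullopt;
}
cert.sig = std::move (*cert_sig_opt);
cert.cert_s = j.at ("cert").at ("payload_s");

auto subkey_opt = verify_signed_data (root_pubkey, cert, now);
if (! subkey_opt) {
	// Cert did not verify under root_pubkey: reject before touching the data.
	return nullopt;
}
// … unchanged: subkey move, ExpiringSignature data; …
auto data_sig_opt = base64_decode (j.at ("data").at ("sig_b64"));
if (! data_sig_opt) {
	return nullopt;
}
data.sig = std::move (*data_sig_opt);
data.cert_s = j.at ("data").at ("payload_s");
// … unchanged: final verify_signed_data call …
```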