#pragma once

#include <optional>
#include <stdint.h>
#include <vector>

namespace BareMinimumCrypto {
	struct ExpiringSignature;
}

// Structs and functions for the receiver role.

/*
The receiver needs to keep at least one root pubkey saved to
non-volatile memory. Since root keys are long-lived, you can
just compile them into the receiver app, too.

All the receiver does is receive combined cert-and-data messages,
and attempt to verify them. The subkeys used to directly sign the
data don't need to be saved, but should be logged.
*/

namespace BareMinimumCrypto::Receiver {
	using namespace std;
	
	optional <vector <uint8_t>> verify_cert_and_data (
		const ExpiringSignature & signed_cert,
		const ExpiringSignature & signed_data,
		const vector <uint8_t> & root_pubkey
	);
}