ptth/bare_minimum_crypto/cpp/signing_key.cpp

#include "signing_key.h"

#include "json.hpp"

#include "sodium_helpers.h"

namespace BareMinimumCrypto {
	using nlohmann::json;
	
	SigningKey::SigningKey () {
		try_sodium_init ();
		
		pk.resize (crypto_sign_PUBLICKEYBYTES);
		sk.resize (crypto_sign_SECRETKEYBYTES);
		
		crypto_sign_keypair (pk.data (), sk.data ());
	}
	
	vector <uint8_t> SigningKey::pubkey () const {
		return pk;
	}
	
	vector <uint8_t> SigningKey::pub_to_msgpack () const {
		const json j = {
			{"key", json::binary (pk)},
		};
		return json::to_msgpack (j);
	}
	
	optional <ExpiringSignature> SigningKey::sign (
		const vector <uint8_t> & payload,
		TimeRange tr
	) const {
		try_sodium_init ();
		
		if (tr.duration () > about_1_year) {
			return nullopt;
		}
		
		const json j {
			{"not_before", tr.not_before},
			{"not_after", tr.not_after},
			{"payload", json::binary (payload)},
		};
		
		const auto cert = json::to_msgpack (j);
		
		vector <uint8_t> sig;
		sig.resize (crypto_sign_BYTES);
		
		crypto_sign_detached (sig.data (), nullptr, cert.data (), cert.size (), sk.data ());
		
		return ExpiringSignature {
			cert,
			sig,
		};
	}
	
	optional <ExpiringSignature> SigningKey::sign_key (const SigningKey & k, Instant now) const 
	{
		return sign (k.pub_to_msgpack (), TimeRange::from_start_and_dur (now, about_3_months));
	}
	
	optional <ExpiringSignature> SigningKey::sign_data (const vector <uint8_t> & v, Instant now) const 
	{
		return sign (v, TimeRange::from_start_and_dur (now, about_1_week));
	}
}