68 lines
1.7 KiB
C++
68 lines
1.7 KiB
C++
#pragma once
|
|
|
|
#include <optional>
|
|
#include <stdint.h>
|
|
#include <string>
|
|
#include <vector>
|
|
|
|
#include "json.hpp"
|
|
|
|
#include "expiring_signature.h"
|
|
#include "time_helpers.h"
|
|
|
|
namespace BareMinimumCrypto {
|
|
using namespace std;
|
|
using nlohmann::json;
|
|
|
|
string get_machine_id ();
|
|
|
|
struct HumanKeyFile {
|
|
vector <uint8_t> salt;
|
|
Instant time_created;
|
|
vector <uint8_t> pubkey;
|
|
string machine_id;
|
|
|
|
vector <uint8_t> to_msgpack () const;
|
|
static optional <HumanKeyFile> try_from_msgpack (const json & msg);
|
|
};
|
|
|
|
struct MachineKeyFile {
|
|
vector <uint8_t> secretkey;
|
|
Instant time_created;
|
|
string machine_id;
|
|
|
|
vector <uint8_t> to_msgpack () const;
|
|
static optional <MachineKeyFile> try_from_msgpack (const json & msg);
|
|
|
|
vector <uint8_t> pubkey () const;
|
|
};
|
|
|
|
struct SigningKey {
|
|
vector <uint8_t> pk;
|
|
vector <uint8_t> sk;
|
|
|
|
SigningKey ();
|
|
|
|
// This doesn't fsync, so it's possible to lose the key due to a power outage
|
|
// or filesystem nonsense right after this function returns.
|
|
// It also doesn't do the rename trick. The caller may do that.
|
|
|
|
static optional <SigningKey> generate_human_key_file (const string & file_path, const string & passphrase);
|
|
|
|
static optional <SigningKey> generate_machine_key_file (const string & file_path);
|
|
|
|
static optional <SigningKey> load_human_key_file (const string & file_path, const string & passphrase);
|
|
|
|
vector <uint8_t> pubkey () const;
|
|
vector <uint8_t> pub_to_msgpack () const;
|
|
|
|
optional <ExpiringSignature> sign (
|
|
const vector <uint8_t> & payload,
|
|
TimeRange tr
|
|
) const;
|
|
|
|
optional <ExpiringSignature> sign_key (const SigningKey & k, Instant now) const;
|
|
optional <ExpiringSignature> sign_data (const vector <uint8_t> & v, Instant now) const;
|
|
};
|
|
}
|