package iprs_record
import (
"context"
"fmt"
ld "github.com/dirkmc/go-iprs/ipld"
rsp "github.com/dirkmc/go-iprs/path"
node "gx/ipfs/QmNwUEK7QbwSqyKBu3mMtToo8SUc6wQJ7gdZq4gGGJqfnf/go-ipld-format"
ci "gx/ipfs/QmaPbCnUMBohSGo3KnxEa2bHqyJVVeEEcwtqJAYxerieBo/go-libp2p-crypto"
)
// KeyRecordSigner signs records with a private key and exposes the matching
// public key as a node.
type KeyRecordSigner struct {
	// pk is the private key passed to NewKeyRecordSigner; SignRecord signs with it.
	pk ci.PrivKey
	// pubkNode caches the node built from pk's public key bytes. It stays nil
	// until getPubkNode first succeeds.
	pubkNode node.Node
}
// NewKeyRecordSigner returns a signer that signs with pk.
//
// pk is stored as given. A nil pk is not rejected here and would only surface
// when the key is first used. The public key node is not built at this point;
// it is derived on first use by getPubkNode.
func NewKeyRecordSigner(pk ci.PrivKey) *KeyRecordSigner {
	return &KeyRecordSigner{pk: pk}
}
// VerificationType reports the verification scheme this signer produces,
// which is always ld.VerificationType_Key.
func (s *KeyRecordSigner) VerificationType() ld.IprsVerificationType {
	var kind ld.IprsVerificationType = ld.VerificationType_Key
	return kind
}
// getPubkNode returns the node holding the signer's public key, building it
// from the key's bytes on first use and caching it on the signer.
//
// A failure to serialise the public key is returned as-is and nothing is
// cached, so the next call retries.
//
// NOTE(review): the cache field is read and written without any locking, so
// concurrent first calls on a shared signer would race. Confirm that signers
// are not shared across goroutines.
func (s *KeyRecordSigner) getPubkNode() (node.Node, error) {
	if s.pubkNode == nil {
		raw, err := s.pk.GetPublic().Bytes()
		if err != nil {
			return nil, err
		}
		s.pubkNode = ld.PublicKey(raw)
	}
	return s.pubkNode, nil
}
// Nodes returns the nodes that accompany records made by this signer: a
// single-element slice holding the public key node.
//
// It returns a nil slice and the underlying error if the public key node
// cannot be built.
func (s *KeyRecordSigner) Nodes() ([]node.Node, error) {
	pubk, err := s.getPubkNode()
	if err != nil {
		return nil, err
	}
	nodes := make([]node.Node, 0, 1)
	nodes = append(nodes, pubk)
	return nodes, nil
}
// BasePath builds the IPRS path "/iprs/<public key node CID>/<id>" for this
// signer and parses it with rsp.FromString.
//
// It returns rsp.NilPath and the underlying error if the public key node
// cannot be built; otherwise the result and error are whatever
// rsp.FromString returns.
//
// id is appended verbatim: this method neither escapes nor validates it.
// NOTE(review): any checking of the assembled path is left to
// rsp.FromString. Confirm what it rejects if id can come from an untrusted
// caller.
func (s *KeyRecordSigner) BasePath(id string) (rsp.IprsPath, error) {
	pubk, err := s.getPubkNode()
	if err != nil {
		return rsp.NilPath, err
	}
	root := "/iprs/" + pubk.Cid().String()
	return rsp.FromString(root + "/" + id)
}
// SignRecord signs data with the signer's private key and returns the
// signature bytes, or the error reported by the key.
//
// data is passed to the key exactly as given; nothing is added or encoded
// here. VerifyRecord in this file checks signatures over
// dataForSig(record.Value, record.Validity), so callers presumably pass that
// same encoding. Confirm at the call site.
func (s *KeyRecordSigner) SignRecord(data []byte) ([]byte, error) {
	sig, err := s.pk.Sign(data)
	return sig, err
}
// Verification returns the verification payload for this signer. It always
// returns a nil value and a nil error.
//
// NOTE(review): presumably key-signed records carry no extra verification
// data beyond the public key node. Confirm against the other signer types.
func (s *KeyRecordSigner) Verification() (interface{}, error) {
	var payload interface{}
	return payload, nil
}
// prepareKeySig is the signature-data preparer registered for key-type
// verification. It ignores o and always returns nil bytes and a nil error.
func prepareKeySig(o interface{}) ([]byte, error) {
	var prepared []byte
	return prepared, nil
}
// KeyRecordVerifier checks record signatures against public keys obtained
// from a PublicKeyManager.
type KeyRecordVerifier struct {
	// m supplies the public key for the CID carried in a record's path.
	m *PublicKeyManager
}
// NewKeyRecordVerifier returns a verifier that looks up public keys through m.
//
// m is stored as given and is not checked for nil here.
func NewKeyRecordVerifier(m *PublicKeyManager) *KeyRecordVerifier {
	return &KeyRecordVerifier{m: m}
}
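// VerifyRecord checks that record carries a valid signature from the public
// key addressed by iprsKey.
//
// The key is fetched through the PublicKeyManager using iprsKey.Cid(), the
// signed payload is rebuilt with dataForSig from record.Value and
// record.Validity, and record.Signature is checked against that payload.
// A nil return means the signature verified. Every failure is returned as an
// error: a nil record, a key lookup failure, a payload encoding failure, an
// error from the verification call, or a signature that does not match.
//
// NOTE(review): nothing in this method compares the fetched key with the CID
// in the path, so the binding between path and key presumably rests on
// GetPublicKey only returning a key that hashes to that CID. Confirm against
// PublicKeyManager.
func (v *KeyRecordVerifier) VerifyRecord(ctx context.Context, iprsKey rsp.IprsPath, record *Record) error {
	// A nil record would panic on the field accesses below; fail closed with
	// an error instead.
	if record == nil {
		return fmt.Errorf("Invalid record for path [%s]: record is nil", iprsKey)
	}

	pubk, err := v.m.GetPublicKey(ctx, iprsKey.Cid())
	if err != nil {
		return err
	}

	// Rebuild the exact bytes the signature is expected to cover.
	sigd, err := dataForSig(record.Value, record.Validity)
	if err != nil {
		return fmt.Errorf("Failed to marshall data for signature for path [%s]: %v", iprsKey, err)
	}

	// Report an error from the verification call separately from a signature
	// that simply does not match, so the underlying cause is not discarded.
	// Both outcomes still reject the record.
	ok, err := pubk.Verify(sigd, record.Signature)
	if err != nil {
		return fmt.Errorf("Failed to verify signature for path [%s]: %v", iprsKey, err)
	}
	if !ok {
		return fmt.Errorf("Invalid record value. Not signed by private key corresponding to public key %v", pubk)
	}
	return nil
}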
// init registers prepareKeySig in the package-level VerificationSigPreparer
// table under ld.VerificationType_Key.
func init() {
	// prepareKeySig returns (nil, nil) for every input, so whatever consults
	// this entry gets nil bytes and a nil error for key-type records.
	VerificationSigPreparer[ld.VerificationType_Key] = prepareKeySig
}