mirror of
https://github.com/maxgoedjen/secretive.git
synced 2025-04-04 06:37:07 +00:00
Tweak verify signature
parent
74136da0c5
commit
a3647eab81
@ -24,7 +24,7 @@ public class AnySecretStore: SecretStore {
|
||||
_id = { secretStore.id }
|
||||
_secrets = { secretStore.secrets.map { AnySecret($0) } }
|
||||
_sign = { try secretStore.sign(data: $0, with: $1.base as! SecretStoreType.SecretType, for: $2) }
|
||||
_verify = { try secretStore.verify(data: $0, signature: $1, with: $2.base as! SecretStoreType.SecretType) }
|
||||
_verify = { try secretStore.verify(signature: $0, for: $1, with: $2.base as! SecretStoreType.SecretType) }
|
||||
_existingPersistedAuthenticationContext = { secretStore.existingPersistedAuthenticationContext(secret: $0.base as! SecretStoreType.SecretType) }
|
||||
_persistAuthentication = { try secretStore.persistAuthentication(secret: $0.base as! SecretStoreType.SecretType, forDuration: $1) }
|
||||
_reloadSecrets = { secretStore.reloadSecrets() }
|
||||
@ -53,8 +53,8 @@ public class AnySecretStore: SecretStore {
|
||||
try _sign(data, secret, provenance)
|
||||
}
|
||||
|
||||
public func verify(data: Data, signature: Data, with secret: AnySecret) throws -> Bool {
|
||||
try _verify(data, signature, secret)
|
||||
public func verify(signature: Data, for data: Data, with secret: AnySecret) throws -> Bool {
|
||||
try _verify(signature, data, secret)
|
||||
}
|
||||
|
||||
public func existingPersistedAuthenticationContext(secret: AnySecret) -> PersistedAuthenticationContext? {
|
||||
|
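Review bot: The new `_verify` closure and the forwarding call `try _verify(signature, data, secret)` pass two `Data` values positionally in the order (signature, data), so a swap at either site still compiles and would most likely surface only as verification that never succeeds. The declaration of `_verify` is outside these hunks, so I cannot see whether its type records the order; I would add a comment there such as `// (signature, data, secret): both are Data, order must match SecretStore.verify(signature:for:with:)`. A test that calls `verify` through `AnySecretStore` with a known-good signature would pin the order. The `as!` cast on the same line, carried over from the old line, traps if a secret of another store's type is passed.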
@ -25,11 +25,11 @@ public protocol SecretStore: ObservableObject, Identifiable {
|
||||
|
||||
/// Verifies that a signature is valid over a specified payload.
|
||||
/// - Parameters:
|
||||
/// - data: The data to verify the signature of.
|
||||
/// - signature: The signature over the data.
|
||||
/// - data: The data to verify the signature of.
|
||||
/// - secret: The secret whose signature to verify.
|
||||
/// - Returns: Whether the signature was verified.
|
||||
func verify(data: Data, signature: Data, with secret: SecretType) throws -> Bool
|
||||
func verify(signature: Data, for data: Data, with secret: SecretType) throws -> Bool
|
||||
|
||||
/// Checks to see if there is currently a valid persisted authentication for a given secret.
|
||||
/// - Parameters:
|
||||
|
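Review bot: The doc comment on `verify(signature:for:with:)` documents the `Bool` result but not the `throws`, so the contract does not say how an invalid signature (`false`) differs from a verification that could not be carried out (a thrown error). Add a line below `- Returns:` such as `/// - Throws: An error if verification could not be performed; callers must treat this as not verified.` The rest of the protocol is outside the hunk, so the exact error types are not visible here.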
@ -138,7 +138,7 @@ extension SecureEnclave {
|
||||
return signature as Data
|
||||
}
|
||||
|
||||
public func verify(data: Data, signature: Data, with secret: Secret) throws -> Bool {
|
||||
public func verify(signature: Data, for data: Data, with secret: Secret) throws -> Bool {
|
||||
let context = LAContext()
|
||||
context.localizedReason = "verify a signature using secret \"\(secret.name)\""
|
||||
context.localizedCancelTitle = "Deny"
|
||||
|
@ -86,7 +86,7 @@ extension SmartCard {
|
||||
}
|
||||
return signature as Data
|
||||
}
|
||||
public func verify(data: Data, signature: Data, with secret: Secret) throws -> Bool {
|
||||
public func verify(signature: Data, for data: Data, with secret: Secret) throws -> Bool {
|
||||
let attributes = KeychainDictionary([
|
||||
kSecAttrKeyType: secret.algorithm.secAttrKeyType,
|
||||
kSecAttrKeySizeInBits: secret.keySize,
|
||||
|
@ -61,8 +61,13 @@ class AgentTests: XCTestCase {
|
||||
var rs = r
|
||||
rs.append(s)
|
||||
let signature = try! P256.Signing.ECDSASignature(rawRepresentation: rs)
|
||||
let valid = try! P256.Signing.PublicKey(x963Representation: Constants.Secrets.ecdsa256Secret.publicKey).isValidSignature(signature, for: dataToSign)
|
||||
XCTAssertTrue(valid)
|
||||
let refereneceValid = try! P256.Signing.PublicKey(x963Representation: Constants.Secrets.ecdsa256Secret.publicKey).isValidSignature(signature, for: dataToSign)
|
||||
let store = list.stores.first!
|
||||
let valid = try? store.verify(signature: rs, for: dataToSign, with: AnySecret(Constants.Secrets.ecdsa256Secret))
|
||||
let invalid = try? store.verify(signature: rs, for: dataToSign, with: AnySecret(Constants.Secrets.ecdsa256Secret))
|
||||
XCTAssertTrue(refereneceValid)
|
||||
XCTAssert(valid == true)
|
||||
XCTAssert(invalid == false)
|
||||
}
|
||||
|
||||
// MARK: Witness protocol
|
||||
|
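Review bot: `valid` and `invalid` are computed by the identical call `store.verify(signature: rs, for: dataToSign, with: ...)`, so `XCTAssert(valid == true)` and `XCTAssert(invalid == false)` cannot both hold; the negative case needs a payload or signature that differs from what was signed. One option is `let invalid = try? store.verify(signature: rs, for: dataToSign + Data([0]), with: AnySecret(Constants.Secrets.ecdsa256Secret))`, assuming `dataToSign` is `Data` (its declaration is outside the hunk). `try?` also turns a thrown error into `nil`, which hides why a check failed; a plain `try` in a throwing test method would report it. The local `refereneceValid` is misspelled (`referenceValid`). The test function begins above the hunk.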
@ -70,7 +70,7 @@ extension Stub {
|
||||
return SecKeyCreateSignature(privateKey, signatureAlgorithm, data as CFData, nil)! as Data
|
||||
}
|
||||
|
||||
public func verify(data: Data, signature: Data, with secret: Stub.Secret) throws -> Bool {
|
||||
public func verify(signature: Data, for data: Data, with secret: Stub.Secret) throws -> Bool {
|
||||
let attributes = KeychainDictionary([
|
||||
kSecAttrKeyType: secret.algorithm.secAttrKeyType,
|
||||
kSecAttrKeySizeInBits: secret.keySize,
|
||||
|