// checkReverseSig verifies that the reverse sig in jw is valid
// and matches jw.
func (e *Kex2Provisioner) checkReverseSig(jw *jsonw.Wrapper) error {
kid, err := jw.AtPath("body.sibkey.kid").GetString()
if err != nil {
return err
}
keypair, err := libkb.ImportKeypairFromKID(keybase1.KIDFromString(kid))
if err != nil {
return err
}
revsig, err := jw.AtPath("body.sibkey.reverse_sig").GetString()
if err != nil {
return err
}
// set reverse_sig to nil to verify it:
jw.SetValueAtPath("body.sibkey.reverse_sig", jsonw.NewNil())
msg, err := jw.Marshal()
if err != nil {
return err
}
_, err = keypair.VerifyString(revsig, msg)
if err != nil {
return err
}
// put reverse_sig back in
jw.SetValueAtPath("body.sibkey.reverse_sig", jsonw.NewString(revsig))
return nil
}
func (j *JSONLocalDb) Put(id DbKey, aliases []DbKey, val *jsonw.Wrapper) error {
bytes, err := val.Marshal()
if err == nil {
err = j.engine.Put(id, aliases, bytes)
}
return err
}
// SimpleSignJson marshals the given Json structure and then signs it.
func SignJSON(jw *jsonw.Wrapper, key GenericKey) (out string, id keybase1.SigID, lid LinkID, err error) {
var tmp []byte
if tmp, err = jw.Marshal(); err != nil {
return
}
out, id, err = key.SignToString(tmp)
lid = ComputeLinkID(tmp)
return
}