saving progress for the day

Signed-off-by: chaosinthecrd <[email protected]>

dsse/dsse.go

@@ -48,7 +48,7 @@ func (e ErrInvalidThreshold) Error() string {
 const PemTypeCertificate = "CERTIFICATE"
 
 type Envelope struct {
-	Payload     []byte      `json:"payload"`
+	Payload     string      `json:"payload"`
 	PayloadType string      `json:"payloadType"`
 	Signatures  []Signature `json:"signatures"`
 }

dsse/sign.go

@@ -59,7 +59,7 @@ func Sign(bodyType string, body []byte, opts ...SignOption) (Envelope, error) {
 	}
 
 	env.PayloadType = bodyType
-	env.Payload = body
+	env.Payload = string(body)
 	env.Signatures = make([]Signature, 0)
 	pae := preauthEncode(bodyType, body)
 	for _, signer := range so.signers {

dsse/verify.go

@@ -86,7 +86,7 @@ func (e Envelope) Verify(opts ...VerificationOption) ([]PassedVerifier, error) {
 		return nil, ErrInvalidThreshold(options.threshold)
 	}
 
-	pae := preauthEncode(e.PayloadType, e.Payload)
+	pae := preauthEncode(e.PayloadType, []byte(e.Payload))
 	if len(e.Signatures) == 0 {
 		return nil, ErrNoSignatures{}
 	}
@@ -146,7 +146,7 @@ func (e Envelope) Verify(opts ...VerificationOption) ([]PassedVerifier, error) {
 
 		for _, verifier := range options.verifiers {
 			if verifier != nil {
-				if err := verifier.Verify(bytes.NewReader(pae), sig.Signature); err == nil {
+				if err := verifier.Verify(context.TODO(), pae, sig.Signature); err == nil {
 					passedVerifiers = append(passedVerifiers, PassedVerifier{Verifier: verifier})
 					matchingSigFound = true
 				}
@@ -171,7 +171,7 @@ func verifyX509Time(cert *x509.Certificate, sigIntermediates, roots []*x509.Cert
 		return nil, err
 	}
 
-	if err := verifier.Verify(bytes.NewReader(pae), sig); err != nil {
+	if err := verifier.Verify(context.TODO(), pae, sig); err != nil {
 		return nil, err
 	}
 

signature/envelope/dsse/dsse.go

@@ -5,38 +5,45 @@ import (
 	"fmt"
 
 	"github.com/in-toto/go-witness/cryptoutil"
+	// Eventually we will migrate to using github.com/securesystemslab/dsse
+	// but for now it doesn't support timestamps and intermediates
 	idsse "github.com/in-toto/go-witness/dsse"
-	"github.com/secure-systems-lab/go-securesystemslib/dsse"
 )
 
 type DSSEEnvelope struct {
-	Envelope *dsse.Envelope
+	Envelope *idsse.Envelope
 }
 
 func (e *DSSEEnvelope) Sign(signer *crypto.Signer, opts ...cryptoutil.SignerOption) (interface{}, error) {
 	if e.Envelope.PayloadType == "" || e.Envelope.Payload == "" {
 		return nil, fmt.Errorf("PayloadType and Payload not populated correctly")
 	}
 
-	s, err := cryptoutil.NewSigner(signer)
+	s, err := cryptoutil.NewSigner(signer, opts...)
 	if err != nil {
 		return nil, err
 	}
 
-	v, err := cryptoutil.NewVerifier(signer)
+	se, err := idsse.Sign(e.Envelope.PayloadType, []byte(e.Envelope.Payload), idsse.SignWithSigners(s))
 	if err != nil {
 		return nil, err
 	}
 
-	sv := cryptoutil.SignerVerifier{
-		Signer:   s,
-		Verifier: v,
+	return se, nil
+}
+
+func (e *DSSEEnvelope) Verify(pub *crypto.PublicKey, opts ...cryptoutil.VerifierOption) (interface{}, error) {
+	v, err := cryptoutil.NewVerifier(pub, opts...)
+	if err != nil {
+		return nil, err
 	}
 
-	se, err := idsse.Sign(e.Envelope.PayloadType, []byte(e.Envelope.Payload), idsse.SignWithSigners(sv.Signer))
+	ve, err := e.Envelope.Verify(idsse.VerifyWithVerifiers(v))
 	if err != nil {
 		return nil, err
 	}
 
-	return se, nil
+	return ve, nil
 }
+
+func (e *DSSEEnvelope) Content() (interface{}, error)

signature/envelope/envelope.go

@@ -17,5 +17,18 @@ type Envelope interface {
 
 	// Content returns the payload and signer information of the envelope.
 	// Content is trusted only after the successful call to `Verify()`.
-	Content() ([]byte, error)
+	Content() (EnvelopeContent, error)
+}
+
+type EnvelopeContent struct {
+	PayloadType string
+	Payload     string
+	Signatures  []SignatureInfo
+}
+
+type SignatureInfo struct {
+	// NOTE: Made this a string for now but I think it might be better in antother form later
+	SignatureAlgorithm string
+
+	Signature []byte
 }