TODO: Verify accuracy of signature chain.

Also todo: * Use URL safe base64 for blob multihash? * Replicate/verify signatures of SSB messages for backwards compat.
2020-03-09 08:56:45 -05:00 · 2020-03-09 08:56:45 -05:00 · c27db9ae71
parent 6a345bbb90
commit c27db9ae71
9 changed files with 28 additions and 2332 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,4 +2,4 @@ coverage/
 .pigeon/
 *.pigeon
 doc/
-scratchpad*
+*scratchpad*
--- a/dist/pigeon.rb
+++ b/dist/pigeon.rb
@ -37,7 +37,7 @@ module Pigeon
  # ^ Internal namespaces for PStore keys

  BLOB_SIGIL = "&"
-  SIGNATURE_SIGIL = "%"
+  MESSAGE_SIGIL = "%"
  IDENTITY_SIGIL = "@"
  STRING_SIGIL = "\""
  BLOB_FOOTER = ".sha256"
--- a/dist/pigeon/draft.rb
+++ b/dist/pigeon/draft.rb
@ -34,7 +34,7 @@ module Pigeon

    def []=(key, value)
      case value[0]
-      when BLOB_SIGIL, SIGNATURE_SIGIL, IDENTITY_SIGIL, STRING_SIGIL
+      when BLOB_SIGIL, MESSAGE_SIGIL, IDENTITY_SIGIL, STRING_SIGIL
        self.body[key] = value
      else
        self.body[key] = value.inspect
--- a/dist/pigeon/message.rb
+++ b/dist/pigeon/message.rb
@ -19,6 +19,11 @@ module Pigeon
      Serializer.new(self).render
    end

+    def multihash
+      sha256 = Base64.urlsafe_encode64(Digest::SHA256.hexdigest(self.render))
+      "#{MESSAGE_SIGIL}#{sha256}#{BLOB_FOOTER}"
+    end
+
    private

    def initialize(author:, kind:, body:)
--- a/dist/pigeon/storage.rb
+++ b/dist/pigeon/storage.rb
@ -54,7 +54,7 @@ module Pigeon
      store.transaction do
        store[BLOB_NS][hex_digest] = data
      end
-
+      puts "TODO: Maybe this needs to be URLsafe base 64: "
      [BLOB_SIGIL, hex_digest, BLOB_FOOTER].join("")
    end

--- a/scratchpad.json
+++ b/scratchpad.json
--- a/scratchpad2.json
+++ b/scratchpad2.json
@ -1,14 +0,0 @@
-{
-  "previous": null,
-  "author": "@z2M8msI2EUubNHnrEJncglDIy2/SUd+36jCyJnfeiHk=.ed25519",
-  "sequence": 1,
-  "timestamp": 1554164725521,
-  "hash": "sha256",
-  "content": {
-    "type": "about",
-    "about": "@z2M8msI2EUubNHnrEJncglDIy2/SUd+36jCyJnfeiHk=.ed25519",
-    "image": "&jqMB109+asDMUVWkeAsqK/4KlbF+6M2x+jtTdFIdVw8=.sha256",
-    "name": "Netscape Navigator"
-  },
-  "signature": "3er8E88P7WPSjnm+L3QmoPqNxhqAn/pOjvo6Owk0KNn69FgOjAYLOgRdrGnuihBp4QYWYPJ5bS1Gw9weQKj9DQ==.sig.ed25519"
-}
--- a/scratchpad2.rb
+++ b/scratchpad2.rb
@ -1 +1,18 @@
+require "json"
+require "base64"
+require "ed25519"
+file = File.read("../scratchpad2.json")
+json = JSON.parse(file)

+message_plaintext = File.read("./scratchpad3.json").chomp
+what_we_want = json[1]["signature"].gsub(".sig.ed25519", "")
+seed = Base64.urlsafe_decode64(json[0]["private"].gsub!(".ed25519", ""))
+signing_key = Ed25519::SigningKey.from_keypair(seed)
+signature = signing_key.sign(message_plaintext)
+signature_b64 = Base64.urlsafe_encode64(signature)
+
+puts file
+puts message_plaintext
+puts "HAVE: " + signature_b64
+puts "WANT: " + what_we_want
+puts signature_b64 == what_we_want ? "HOORAY!!!" : "Did not work"
--- a/spec/pigeon/message_spec.rb
+++ b/spec/pigeon/message_spec.rb
@ -61,6 +61,7 @@ RSpec.describe Pigeon::Message do
        expect(message.prev).to be nil
      end
    end
-    binding.pry
  end
+
+  it "verifies accuracy of signature chain"
 end