Merge pull request #7 from scribe-security/feature/multi_sign

Feature/multi sign
secure-systems-lab · Dec 7, 2021 · 9e1a44e · 9e1a44e
2 parents 994000d + 1509a8f
commit 9e1a44e
Show file tree

Hide file tree

Showing 6 changed files with 405 additions and 111 deletions.
diff --git a/dsse/sign.go b/dsse/sign.go
@@ -67,7 +67,8 @@ using the current algorithm, and the key used (if applicable).
 For an example see EcdsaSigner in sign_test.go.
 */
 type Signer interface {
-	Sign(data []byte) ([]byte, string, error)
+	Sign(data []byte) ([]byte, error)
+	KeyID() (string, error)
 }
 
 // SignVerifer provides both the signing and verification interface.
@@ -79,14 +80,25 @@ type SignVerifier interface {
 // EnvelopeSigner creates signed Envelopes.
 type EnvelopeSigner struct {
 	providers []SignVerifier
-	ev        EnvelopeVerifier
+	ev        *envelopeVerifier
 }
 
 /*
 NewEnvelopeSigner creates an EnvelopeSigner that uses 1+ Signer
 algorithms to sign the data.
+Creates a verifier with threshold=1, at least one of the providers must validate signitures successfully.
 */
 func NewEnvelopeSigner(p ...SignVerifier) (*EnvelopeSigner, error) {
+	return NewMultiEnvelopeSigner(1, p...)
+}
+
+/*
+NewMultiEnvelopeSigner creates an EnvelopeSigner that uses 1+ Signer
+algorithms to sign the data.
+Creates a verifier with threshold.
+threashold indicates the amount of providers that must validate the envelope.
+*/
+func NewMultiEnvelopeSigner(threshold int, p ...SignVerifier) (*EnvelopeSigner, error) {
 	var providers []SignVerifier
 
 	for _, sv := range p {
@@ -104,11 +116,14 @@ func NewEnvelopeSigner(p ...SignVerifier) (*EnvelopeSigner, error) {
 		evps = append(evps, p.(Verifier))
 	}
 
+	ev, err := NewMultiEnvelopeVerifier(threshold, evps...)
+	if err != nil {
+		return nil, err
+	}
+
 	return &EnvelopeSigner{
 		providers: providers,
-		ev: EnvelopeVerifier{
-			providers: evps,
-		},
+		ev:        ev,
 	}, nil
 }
 
@@ -127,10 +142,14 @@ func (es *EnvelopeSigner) SignPayload(payloadType string, body []byte) (*Envelop
 	paeEnc := PAE(payloadType, body)
 
 	for _, signer := range es.providers {
-		sig, keyID, err := signer.Sign(paeEnc)
+		sig, err := signer.Sign(paeEnc)
 		if err != nil {
 			return nil, err
 		}
+		keyID, err := signer.KeyID()
+		if err != nil {
+			keyID = ""
+		}
 
 		e.Signatures = append(e.Signatures, Signature{
 			KeyID: keyID,
@@ -145,8 +164,9 @@ func (es *EnvelopeSigner) SignPayload(payloadType string, body []byte) (*Envelop
 Verify decodes the payload and verifies the signature.
 Any domain specific validation such as parsing the decoded body and
 validating the payload type is left out to the caller.
+Verify returns a list of accepted keys each including a keyid, public and signiture of the accepted provider keys.
 */
-func (es *EnvelopeSigner) Verify(e *Envelope) error {
+func (es *EnvelopeSigner) Verify(e *Envelope) ([]AcceptedKey, error) {
 	return es.ev.Verify(e)
 }