Secure Operations
A secure operation is needed to sign and verify data in place. The signature is now 'detached' and does not have the data embedded within it. The data and the signature can be stored separately but are both necessary for verification.
Example
bool sign(
const std::vector<char>& in_data_to_sign,
std::vector<char>* out_signature,
Guardian* io_guardian)
{
/* find secure operation */
std::unique_ptr<SecureOperation> secop;
auto status = io_guardian->FindSecureOperation("MySecureOperationName",
&secop);
if( status )
{
printf("error finding secure operation [%s]:[%u]\r\n",
GuardianStatusEnum::NameOf(EXTRACT_STATUS(status)).c_str(),
status);
return false;
}
size_t out_signature_size = out_signature->size();
status = secop->Sign(in_data_to_sign.data(), in_data_to_sign.size(),
out_signature->data(), &out_signature_size);
if( status )
{
printf("error signing data [%s]:[%u]\r\n",
GuardianStatusEnum::NameOf(EXTRACT_STATUS(status)).c_str(),
status);
return false;
}
out_signature->resize(out_signature_size);
return true;
}bool verify(
const std::vector<char>& in_data_to_sign,
const std::vector<char>& in_signature,
Guardian* io_guardian)
{
/* find secure operation */
std::unique_ptr<SecureOperation> secop;
auto status = io_guardian->FindSecureOperation("MySecureOperationName",
&secop);
if( status )
{
printf("error finding secure operation [%s]:[%u]\r\n",
GuardianStatusEnum::NameOf(EXTRACT_STATUS(status)).c_str(),
status);
return false;
}
bool out_is_verified = false;
status = secop->Verify(in_data_to_sign.data(), in_data_to_sign.size(),
in_signature.data(), in_signature.size(),
&out_is_verified);
if( status )
{
printf("error verifying data [%s]:[%u]\r\n",
GuardianStatusEnum::NameOf(EXTRACT_STATUS(status)).c_str(),
status);
return false;
}
return out_is_verified;
}Last updated
Was this helpful?