Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

C bindings #37

Open
4 tasks
lu-zero opened this issue Jan 3, 2022 · 3 comments
Open
4 tasks

C bindings #37

lu-zero opened this issue Jan 3, 2022 · 3 comments
Labels
enhancement New feature or request low priority

Comments

@lu-zero
Copy link
Collaborator

lu-zero commented Jan 3, 2022

  • Make sure the current API is set (pending @dodomorandi rework)
  • Write a capi guarded module.
  • Add cbindgen.conf with the minimal features
  • Document how to install it in the README.md
@lu-zero lu-zero added enhancement New feature or request low priority labels Jan 3, 2022
@lmammino
Copy link
Member

lmammino commented Jan 6, 2022

Wow, this one looks super interesting. I have no idea how to do this stuff, so definitely a learning opportunity for me! :)

Looking forward to seeing this happening

@lu-zero
Copy link
Collaborator Author

lu-zero commented Jan 6, 2022

We can try to make it a show & tell event.

@lu-zero
Copy link
Collaborator Author

lu-zero commented Feb 23, 2022

Here how it could look like

#ifndef DGC_H
#define DGC_H

/* Generated with cbindgen:0.20.0 */


#define DGC_MAJOR 0
#define DGC_MINOR 0
#define DGC_PATCH 7


#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

/**
 * The main container for one or more DGC entries.
 */
typedef struct DgcContainer DgcContainer;

/**
 * Represents all the possible types of failures that can occure when parsing a certificate.
 */
typedef struct DgcParseError DgcParseError;

/**
 * Represents all the possible outcomes of trying to validate a signature
 * for a given certificate.
 */
typedef struct DgcValidity DgcValidity;

/**
 * Struct used to index all the available public keys which
 * can be used to validate the signature on a given certificate.
 *
 * Keys are indexed by their `kid` (Key ID) which is an arbitrary sequence of bytes.
 */
typedef struct TrustList TrustList;

#ifdef __cplusplus
extern "C" {
#endif // __cplusplus

/**
 * Decodes the certificate and returns the [`DgcContainer`] data contained in it.
 *
 * This function is recommended when you don't want to validate the signature but you
 * are just interested in reading the content of the certificate.
 */
const struct DgcParseError *dgc_decode(const uint8_t *data,
                                       uintptr_t len,
                                       struct DgcContainer **container);

/**
 * Parses and validates a given certificate.
 *
 * This function is a high level helper that allows you to extract the data from a
 * certificate and at the same time it tries to validate the signature against a given
 * trustlist.
 *
 * This function will return an error if the certificate cannot be parsed or is invalid.
 * If the certificate can be parsed correctly, this function returns a tuple containing a
 * [`DgcContainer`] and a [`SignatureValidity`].
 *
 * This design allows for permissive validation of the certificate signature.
 * In fact, `SignatureValidity` can be used to determine if the signature is valid and even if it is
 * invalid (or the validity cannot be assessed) you could still access all the information
 * in the certificate.
 */
const struct DgcParseError *dgc_validate(const uint8_t *data,
                                         uintptr_t len,
                                         const struct TrustList *trustlist,
                                         struct DgcContainer **container,
                                         struct DgcValidity **validity);

bool dgc_signature_is_valid(const struct DgcValidity *error);

uint8_t *dgc_container_to_json(const struct DgcContainer *container);

void dgc_container_free_json(uint8_t **json);

#ifdef __cplusplus
} // extern "C"
#endif // __cplusplus

#endif /* DGC_H */

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request low priority
Projects
None yet
Development

No branches or pull requests

2 participants