Add function to verify with while array of public keys

Author: Martchus

misc/signingkeys.h

@@ -9,8 +9,14 @@ namespace CppUtilities {
 /*!
  * \brief Contains signing keys for verifying releases via OpenSSL or stsigtool.
  * \remarks
- * - Checkout the header file `verification.h` for verification with OpenSSL.
+ * - Checkout the header file `verification.h` which contains the function verifySignature() for
+ *   verification with OpenSSL.
  * - Checkout the Syncthing library contained in Syncthing Tray for verification with stsigtool.
+ * - The arrays may contain more than one key, e.g. when rotatiung keys and an old key is in progress
+ *   of being phased out.
+ * - The concrete type of the contained key variables will change when the number of keys changes.
+ *   So do *not* use it in e.g. a function signature or member variable that will become part of
+ *   some public API/ABI. The variable is mereley supposed to be passed to verifySignature().
  * - This function is experimental and might be changed in incompatible ways (API and ABI wise) or be completely removed
  *   in further minor/patch releases.
  */

misc/verification.h

@@ -69,6 +69,9 @@ inline std::string parsePemSignature(std::string_view pemSignature, std::pair<st
 
 } // namespace Detail
 
+/// \brief The signature of the main verifySignature() function.
+using MainVerifyFunctionType = std::string (*)(std::string_view, std::string_view, std::string_view);
+
 /*!
  * \brief Verifies \a data with the specified public key \a publicKeyPem and signature \a signaturePem.
  * \returns Returns an empty string if \a data and \a signature are correct and an error message otherwise.
@@ -104,7 +107,6 @@ inline std::string parsePemSignature(std::string_view pemSignature, std::pair<st
 inline std::string verifySignature(std::string_view publicKeyPem, std::string_view signaturePem, std::string_view data)
 {
     auto error = std::string();
-
     auto derSignature = std::pair<std::unique_ptr<std::uint8_t[]>, std::uint32_t>();
     if (error = Detail::parsePemSignature(signaturePem, derSignature); !error.empty()) {
         return error;
@@ -149,6 +151,27 @@ inline std::string verifySignature(std::string_view publicKeyPem, std::string_vi
     return error;
 }
 
+/*!
+ * \brief Verifies \a data with the specified public keys \a publicKeysPem and signature \a signaturePem.
+ * \returns Returns an empty string if \a data and \a signature are correct and an error message otherwise.
+ * \remarks
+ * - This is a version of verifySignature() that takes more than one public key trying out different keys.
+ *   This allows rotating keys once in a while without breaking verification by temporarily allowing the
+ *   old and new key at the same time.
+ */
+template <class Keys, class VerifyFunction = MainVerifyFunctionType>
+inline std::string verifySignature(Keys &&publicKeysPem, std::string_view signaturePem, std::string_view data,
+    VerifyFunction &&verifyFunction = static_cast<MainVerifyFunctionType>(&verifySignature))
+{
+    auto error = std::string("no keys provided");
+    for (const auto publicKeyPem : publicKeysPem) {
+        if ((error = verifyFunction(publicKeyPem, signaturePem, data)).empty()) {
+            return error;
+        }
+    }
+    return error;
+}
+
 } // namespace CppUtilities
 
 #endif // CPP_UTILITIES_MISC_VERIFICATION_H

tests/misctests.cpp

@@ -3,6 +3,7 @@
 #include "../misc/multiarray.h"
 
 #ifdef CPP_UTILITIES_HAS_OPENSSL_CRYPTO
+#include "../misc/signingkeys.h"
 #include "../misc/verification.h"
 #endif
 
@@ -205,6 +206,12 @@ sWB0iGdPa+oXbRish7HoNCU/k0lD3ffXaf8ueC78Zme9NFO18Ol+NWXJDA==
 
     message[5] = '?';
     CPPUNIT_ASSERT_EQUAL_MESSAGE("manipulate message", "incorrect signature"s, verifySignature(key, signature, message));
+    CPPUNIT_ASSERT_EQUAL_MESSAGE("manipulate message", "incorrect signature"s, verifySignature(key, signature, message));
+
+    CPPUNIT_ASSERT_EQUAL_MESSAGE(
+        "verifySignature can be called with array of signatures", "incorrect signature"s, verifySignature(SigningKeys::openssl, signature, message));
+    CPPUNIT_ASSERT_EQUAL_MESSAGE(
+        "verifySignature can be called with empty vector", "no keys provided"s, verifySignature(std::vector<std::string_view>(), signature, message));
 }
 #endif