refactor: separate verification pipeline

tinfoilanalytics · Nov 20, 2024 · 7c1bc4c · 7c1bc4c
1 parent 102669b
commit 7c1bc4c
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 15 deletions.
diff --git a/pkg/models/models.go b/pkg/models/models.go
@@ -1,5 +1,7 @@
 package models
 
+import "fmt"
+
 type Measurements struct {
 	PCR0 string
 	PCR1 string
@@ -9,3 +11,7 @@ type Measurements struct {
 func (m *Measurements) Equals(other *Measurements) bool {
 	return (m != nil && other != nil) && m.PCR0 == other.PCR0 && m.PCR1 == other.PCR1 && m.PCR2 == other.PCR2
 }
+
+func (m *Measurements) String() string {
+	return fmt.Sprintf(`{"PCR0":"%s", "PCR1":"%s", "PCR2":"%s"}`, m.PCR0, m.PCR1, m.PCR2)
+}
diff --git a/wasm/main.go b/wasm/main.go
@@ -5,7 +5,7 @@ package main
 
 import (
 	_ "embed"
-	"fmt"
+	"encoding/base64"
 	"syscall/js"
 
 	"github.com/tinfoilanalytics/verifier/pkg/nitro"
@@ -17,15 +17,10 @@ import (
 //go:embed test/trusted_root.json
 var trustedRootBytes []byte
 
-//go:embed test/bundle.jsonl
-var bundleBytes []byte
-
-//go:embed test/att_doc.bin
-var attDocBytes []byte
-
-func verify() js.Func {
+func verifySigstore() js.Func {
 	return js.FuncOf(func(this js.Value, args []js.Value) any {
-		digest := "8c168b97025c49a7f34c0da01b22200e4dc3b1f858e76fc4555967eb28722b11"
+		digest := args[0].String()
+		bundleBytes := []byte(args[1].String())
 
 		sigstoreMeasurements, err := sigstore.VerifyAttestedMeasurements(
 			trustedRootBytes,
@@ -35,21 +30,29 @@ func verify() js.Func {
 		if err != nil {
 			panic(err)
 		}
-		fmt.Println("Sigstore", sigstoreMeasurements)
 
-		nitroMeasurements, err := nitro.VerifyAttestation(attDocBytes)
+		return sigstoreMeasurements.String()
+	})
+}
+
+func verifyNitro() js.Func {
+	return js.FuncOf(func(this js.Value, args []js.Value) any {
+		attDocBytes, err := base64.StdEncoding.DecodeString(args[0].String())
 		if err != nil {
 			panic(err)
 		}
-		fmt.Println("Nitro", nitroMeasurements)
 
-		fmt.Println("Match?", sigstoreMeasurements.Equals(nitroMeasurements))
+		nitroMeasurements, err := nitro.VerifyAttestation(attDocBytes)
+		if err != nil {
+			panic(err)
+		}
 
-		return "ok"
+		return nitroMeasurements.String()
 	})
 }
 
 func main() {
-	js.Global().Set("verify", verify())
+	js.Global().Set("verifySigstore", verifySigstore())
+	js.Global().Set("verifyNitro", verifyNitro())
 	<-make(chan struct{})
 }
diff --git a/wasm/test/att_doc.bin b/wasm/test/att_doc.bin