From db658ca5e2aa614688197cf3edde9bec83156bae Mon Sep 17 00:00:00 2001 From: Arnaud Brousseau Date: Thu, 9 May 2024 12:39:58 -0500 Subject: [PATCH] Rename publicKey param and document params for verifyEnclaveSignature --- export/index.template.html | 9 ++++++--- import/index.template.html | 9 ++++++--- import/standalone.template.html | 9 ++++++--- 3 files changed, 18 insertions(+), 9 deletions(-) diff --git a/export/index.template.html b/export/index.template.html index 61d7a51..4b36709 100644 --- a/export/index.template.html +++ b/export/index.template.html @@ -328,8 +328,11 @@

Message log

/** * Function to verify enclave signature on import bundle received from the server. + * @param {string} enclaveQuorumPublic uncompressed public key for the quorum key which produced the signature + * @param {string} publicSignature signature bytes encoded as a hexadecimal string + * @param {string} signedData signed bytes encoded as a hexadecimal string. This could be public key bytes directly, or JSON-encoded bytes */ - async function verifyEnclaveSignature(enclaveQuorumPublic, publicSignature, publicKey) { + async function verifyEnclaveSignature(enclaveQuorumPublic, publicSignature, signedData) { /** Turnkey Signer enclave's public keys */ const TURNKEY_SIGNERS_ENCLAVES = { "prod": "04cf288fe433cc4e1aa0ce1632feac4ea26bf2f5a09dcfe5a42c398e06898710330f0572882f4dbdf0f5304b8fc8703acd69adca9a4bbf7f5d00d20a5e364b2569", @@ -355,8 +358,8 @@

Message log

// The ECDSA signature is ASN.1 DER encoded but WebCrypto uses raw format const publicSignatureBuf = fromDerSignature(publicSignature); - const publicKeyBuf = uint8arrayFromHexString(publicKey); - return await crypto.subtle.verify({ name: "ECDSA", namedCurve: "P-256", hash: {name: "SHA-256" }}, quorumKey, publicSignatureBuf, publicKeyBuf); + const signedDataBuf = uint8arrayFromHexString(signedData); + return await crypto.subtle.verify({ name: "ECDSA", namedCurve: "P-256", hash: {name: "SHA-256" }}, quorumKey, publicSignatureBuf, signedDataBuf); } /** diff --git a/import/index.template.html b/import/index.template.html index ea42c25..9de340f 100644 --- a/import/index.template.html +++ b/import/index.template.html @@ -285,8 +285,11 @@ /** * Function to verify enclave signature on import bundle received from the server. + * @param {string} enclaveQuorumPublic uncompressed public key for the quorum key which produced the signature + * @param {string} publicSignature signature bytes encoded as a hexadecimal string + * @param {string} signedData signed bytes encoded as a hexadecimal string. This could be public key bytes directly, or JSON-encoded bytes */ - async function verifyEnclaveSignature(enclaveQuorumPublic, publicSignature, publicKey) { + async function verifyEnclaveSignature(enclaveQuorumPublic, publicSignature, signedData) { /** Turnkey Signer enclave's public keys */ const TURNKEY_SIGNERS_ENCLAVES = { "prod": "04cf288fe433cc4e1aa0ce1632feac4ea26bf2f5a09dcfe5a42c398e06898710330f0572882f4dbdf0f5304b8fc8703acd69adca9a4bbf7f5d00d20a5e364b2569", @@ -312,8 +315,8 @@ // The ECDSA signature is ASN.1 DER encoded but WebCrypto uses raw format const publicSignatureBuf = fromDerSignature(publicSignature); - const publicKeyBuf = uint8arrayFromHexString(publicKey); - return await crypto.subtle.verify({ name: "ECDSA", namedCurve: "P-256", hash: {name: "SHA-256" }}, quorumKey, publicSignatureBuf, publicKeyBuf); + const signedDataBuf = uint8arrayFromHexString(signedData); + return await crypto.subtle.verify({ name: "ECDSA", namedCurve: "P-256", hash: {name: "SHA-256" }}, quorumKey, publicSignatureBuf, signedDataBuf); } /** diff --git a/import/standalone.template.html b/import/standalone.template.html index 78d1ed1..819ad48 100644 --- a/import/standalone.template.html +++ b/import/standalone.template.html @@ -337,8 +337,11 @@

Message log

/** * Function to verify enclave signature on import bundle received from the server. + * @param {string} enclaveQuorumPublic uncompressed public key for the quorum key which produced the signature + * @param {string} publicSignature signature bytes encoded as a hexadecimal string + * @param {string} signedData signed bytes encoded as a hexadecimal string. This could be public key bytes directly, or JSON-encoded bytes */ - async function verifyEnclaveSignature(enclaveQuorumPublic, publicSignature, publicKey) { + async function verifyEnclaveSignature(enclaveQuorumPublic, publicSignature, signedData) { /** Turnkey Signer enclave's public keys */ const TURNKEY_SIGNERS_ENCLAVES = { "prod": "04cf288fe433cc4e1aa0ce1632feac4ea26bf2f5a09dcfe5a42c398e06898710330f0572882f4dbdf0f5304b8fc8703acd69adca9a4bbf7f5d00d20a5e364b2569", @@ -364,8 +367,8 @@

Message log

// The ECDSA signature is ASN.1 DER encoded but WebCrypto uses raw format const publicSignatureBuf = fromDerSignature(publicSignature); - const publicKeyBuf = uint8arrayFromHexString(publicKey); - return await crypto.subtle.verify({ name: "ECDSA", namedCurve: "P-256", hash: {name: "SHA-256" }}, quorumKey, publicSignatureBuf, publicKeyBuf); + const signedDataBuf = uint8arrayFromHexString(signedData); + return await crypto.subtle.verify({ name: "ECDSA", namedCurve: "P-256", hash: {name: "SHA-256" }}, quorumKey, publicSignatureBuf, signedDataBuf); } /**