peerbit Verify Signer Using Parent Key

Verify Signer Using Parent Key

Open a4smanjorg5 opened this issue 7 months ago • 0 comments

Can the signer (signer = private key) come from a sub-private key and verify from the parent public key? A case in point is openssl which can create a certificate chain. So, since openssl also has a CRL, it can revoke the certificate chain where subsequent signings cannot be verified.

Here is the code snippet

...
    async open(args?: any): Promise<void> {
        await this.posts.open({
            type: Post,
            canPerform: (properties) => {
                // This canPerfom will only return true if the post was signed by REQUIRED_SIGNER and another party
                const publicKeys = properties.entry.publicKeys; // Public keys of signers
                if (
                    publicKeys.find((publicKey) =>
                        publicKey.equals(REQUIRED_SIGNER.publicKey) // <-- There may be additional codes to search for parental certificates such as self-signed certificates
                    ) &&
                    publicKeys.find(
                        (publicKey) => !publicKey.equals(REQUIRED_SIGNER.publicKey)
                    )
                ) {
                    return true;
                }

                return false;
            }
        });
    }
}
...

await db.posts.put(new Post("Hello world!"), {
    signers: [
        REQUIRED_SIGNER.sign.bind(REQUIRED_SIGNER) // <-- here using a private sub-key. But if it is revoked then the subsequent signing of the same signer cannot be verified.
    ]
});

...

Jun 27 '24 02:06 a4smanjorg5

peerbit peerbit copied to clipboard

Verify Signer Using Parent Key

peerbit
peerbit copied to clipboard