// TODO: fields of notice (last notice, serial, failure notice,..)
// TODO: limits and cert type specific input validation
// TODO: fix Cert mess
+// TODO: nonce is id, id is even number of hex digits (require only draftid.nonce to be uniq)
+// TODO: denom, issuer from key (key representation: armor?)
import (
"bytes"
"Last-Credit-Serial": "int",
"Last-Debit-Serial": "int",
"Maturity-Date": "date",
- "Nonce": "text",
+ "Nonce": "id",
"Notes": "text",
"References": "ids",
"Serial": "int",
Denomination string
Issuer string
AuthorizedBy string
- MaturityDate *int64 // optional
- ExpiryDate *int64 // optional
- Nonce *string // optional
+ MaturityDate *int64 // optional
+ ExpiryDate *int64 // optional
+ Nonce string
Notes *string // optional
}
return
}
+func cleanBody(s []byte) []byte {
+ nl := []byte{'\n'}
+ a := bytes.Split(s, nl)
+ for i := range a {
+ a[i] = bytes.TrimRight(a[i], " \t")
+ }
+ return bytes.Join(a, nl)
+}
+
// sha1 sum of the (cleaned) document body as uppercase hex string
func Id(c *Signed) string {
h := sha1.New()
func Verify(c *Signed, key openpgp.KeyRing) (err error) {
msg := bytes.NewBuffer(c.Body)
sig := bytes.NewBuffer(c.Signature)
-// TODO: verify signature
- _,_ = msg,sig
-// _, err = openpgp.CheckArmoredDetachedSignature(key, msg, sig)
+ // TODO: verify signature
+ _, _ = msg, sig
+ // _, err = openpgp.CheckArmoredDetachedSignature(key, msg, sig)
return
}
func Sign(body []byte, key *openpgp.Entity) (c *Signed, err error) {
c = new(Signed)
c.Hash = "SHA256"
- c.Body = body
+ c.Body = cleanBody(body)
w := new(bytes.Buffer)
- w.Write([]byte("\n-----BEGIN PGP SIGNATURE-----\n\nTODO: signature\n"))
-// err = openpgp.ArmoredDetachSignText(w, key, bytes.NewBuffer(c.Body))
+ err = openpgp.ArmoredDetachSignText(w, key, bytes.NewBuffer(c.Body))
+ if err != nil {
+ return
+ }
+ // close armored document with a \n
+ _, _ = w.Write([]byte{'\n'})
c.Signature = w.Bytes()
return
}