1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

// Copyright 2020 The Tink-Rust Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
///////////////////////////////////////////////////////////////////////////////

//! Testing server for signatures.

use crate::proto;

#[derive(Debug, Default)]
pub struct SignatureServerImpl;

#[tonic::async_trait]
impl proto::signature_server::Signature for SignatureServerImpl {
    async fn sign(
        &self,
        request: tonic::Request<proto::SignatureSignRequest>,
    ) -> Result<tonic::Response<proto::SignatureSignResponse>, tonic::Status> {
        let req = request.into_inner(); // discard metadata
        let closure = move || {
            let cursor = std::io::Cursor::new(req.private_keyset.clone());
            let mut reader = tink_core::keyset::BinaryReader::new(cursor);
            let handle = tink_core::keyset::insecure::read(&mut reader)?;
            let signer = tink_signature::new_signer(&handle)?;
            signer.sign(&req.data)
        };
        Ok(tonic::Response::new(proto::SignatureSignResponse {
            result: Some(match closure() {
                Ok(sig) => proto::signature_sign_response::Result::Signature(sig),
                Err(e) => proto::signature_sign_response::Result::Err(format!("{:?}", e)),
            }),
        }))
    }

    async fn verify(
        &self,
        request: tonic::Request<proto::SignatureVerifyRequest>,
    ) -> Result<tonic::Response<proto::SignatureVerifyResponse>, tonic::Status> {
        let req = request.into_inner(); // discard metadata
        let closure = move || {
            let cursor = std::io::Cursor::new(req.public_keyset.clone());
            let mut reader = tink_core::keyset::BinaryReader::new(cursor);
            let handle = tink_core::keyset::insecure::read(&mut reader)?;
            let verifier = tink_signature::new_verifier(&handle)?;
            verifier.verify(&req.signature, &req.data)
        };
        Ok(tonic::Response::new(proto::SignatureVerifyResponse {
            err: match closure() {
                Ok(_) => "".to_string(),
                Err(e) => format!("{:?}", e),
            },
        }))
    }
}