Hi all. We use protobuf in our product, and I have a question regarding incorporating it with signatures. If I have 2 hosts (let's assume they can be different platforms, OS, etc.) - hostA and hostB and the following scenario:
A creates message M, sends B the message M, as well as the output of proto.Marshal <https://godoc.org/github.com/golang/protobuf/proto#Marshal> on M (the bytes) - denoted as Ma 1) A sends a message M to B via gRPC 2) B receives the message, and calls proto.Marshal <https://godoc.org/github.com/golang/protobuf/proto#Marshal> on M, denoted Mb. 3) B checks whether Ma is equal to Mb. Is Ma equal to Mb? I'm asking the question because I wish to sign messages in the following way: Defining a message M: message M { field1 ... fiedl2 ... ... bytes signature = n; } And then the sender would: 1) Nullify the signature 2) call proto.Marshal <https://godoc.org/github.com/golang/protobuf/proto#Marshal> 3) Hash the bytes 4) Sign the hash 5) Put the signature into M.signature 6) Send M over the wire The receiver would: 1) Backup the signature 2) Nullify the signature field 3) Call proto.Unmarshal <https://godoc.org/github.com/golang/protobuf/proto#Unmarshal> on M 4) hash the bytes 5) Verify the signature Would that work or not? Many thanks in advance, Yacov. -- You received this message because you are subscribed to the Google Groups "Protocol Buffers" group. To unsubscribe from this group and stop receiving emails from it, send an email to protobuf+unsubscr...@googlegroups.com. To post to this group, send email to protobuf@googlegroups.com. Visit this group at https://groups.google.com/group/protobuf. For more options, visit https://groups.google.com/d/optout.
