You might be able to make this work, but it can be tricky to get it right and so I wouldn't necessarily recommend it. One major problem is that maps are serialized non-deterministically because they are logically unordered. Another problem is unknown fields; if you're using proto3 then unknown fields are dropped at parsing time, so when B parses and reserializes the proto it will lose any unknown fields.
On Sat, Feb 11, 2017 at 9:19 AM, Yacov Manevich <[email protected]> wrote: > Hi all. > > We use protobuf in our product, and I have a question regarding > incorporating it with signatures. > If I have 2 hosts (let's assume they can be different platforms, OS, etc.) > - hostA and hostB and the following scenario: > > A creates message M, sends B the message M, as well as the output of > proto.Marshal <https://godoc.org/github.com/golang/protobuf/proto#Marshal> > on M (the bytes) - denoted as Ma > 1) A sends a message M to B via gRPC > 2) B receives the message, and calls proto.Marshal > <https://godoc.org/github.com/golang/protobuf/proto#Marshal> on M, > denoted Mb. > 3) B checks whether Ma is equal to Mb. > > Is Ma equal to Mb? > > I'm asking the question because I wish to sign messages in the following > way: > Defining a message M: > message M { > field1 ... > fiedl2 ... > ... > bytes signature = n; > } > > And then the sender would: > 1) Nullify the signature > 2) call proto.Marshal > <https://godoc.org/github.com/golang/protobuf/proto#Marshal> > 3) Hash the bytes > 4) Sign the hash > 5) Put the signature into M.signature > 6) Send M over the wire > > The receiver would: > 1) Backup the signature > 2) Nullify the signature field > 3) Call proto.Unmarshal > <https://godoc.org/github.com/golang/protobuf/proto#Unmarshal> on M > 4) hash the bytes > 5) Verify the signature > > > Would that work or not? > > > Many thanks in advance, Yacov. > > -- > You received this message because you are subscribed to the Google Groups > "Protocol Buffers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/protobuf. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Protocol Buffers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/protobuf. For more options, visit https://groups.google.com/d/optout.
