Hi, Jens, thanks for the link. Did you ever finish the app where you were using these techniques?
First I naively thought that it would be enough to hash the body of what you are going to PUT/POST and then sign that hash and include the signature as a custom HTTP header. I guess this would work for verifying the data on the first post, but you would not be able to verify the signature later if CouchDB does any parsing of the transported data. What you are suggesting, using a canonical representation of JSON, seems like a much better idea; it's also apparently what OAuth uses. I guess this would require some hacking on CouchDB. It would be really neat to have a _keys database much like the _users and for documents to have a _signature field. What do you think?

--Albin

On Wed, Jul 4, 2012 at 3:07 AM, Jens Alfke <[email protected]> wrote:
>
> On Jul 3, 2012, at 10:01 AM, Jim Klo wrote:
>
>> Yes, and as a matter of fact, I just got digital signature validation using
>> OpenPGP within a map function working a few minutes ago!
>> Here's a link to the relevant code:
>> https://github.com/jimklo/TheCollector/blob/master/dataservices/thecollector-resources/views/lib/sig_utils.js
>
> As far as I can tell, this code uses a data schema where the signed contents
> are wrapped in some kind of OpenPGP encoding:
>
>> var msg_list = openpgp.read_message(doc.digital_signature.signature);
>> for (var i=0; i<msg_list.length; i++) {
>>     isValid |= msg_list[i].verifySignature();
>> }
>
> It looks like msg_list is the actual document payload, which has to be
> decoded using openpgp.read_message.
>
> This is IMHO not a very good solution because it hides the document contents
> away — for example, all the map functions and any app logic that uses
> documents will have to know to call read_message, which will also make them
> slower.
>
> The schema I implemented (see my previous message) doesn't alter the basic
> document format. The signature is in a nested object but applies to the
> entire document contents (minus the signature itself of course). There's no
> need to change any code that reads documents; the only time you have to know
> about the signature scheme is while verifying the signature. It's even
> possible to have multiple signatures on a document.
>
> —Jens
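
The scheme discussed in this thread (sign a canonical form of the document and keep the signature in a nested field that covers everything except itself), as an added example for Node.js that is not part of the original messages or of any code posted in them. The field name `signature`, its `keyId`/`alg`/`sig` layout, the use of Ed25519 and the choice to leave `_rev` unsigned are assumptions made for illustration, and the canonical form is a simplified sorted-key serialization.

```javascript
// Added example: the signature covers the canonical form of the document,
// so it survives a store that re-parses and re-serializes the JSON.
const crypto = require("node:crypto");

const SIG_FIELD = "signature";                 // hypothetical field name
const UNSIGNED = new Set([SIG_FIELD, "_rev"]); // assumption: _rev is server-assigned, so not signed

// Deterministic serialization: object keys sorted recursively, no whitespace.
function canonicalize(value) {
  if (Array.isArray(value)) return "[" + value.map(canonicalize).join(",") + "]";
  if (value !== null && typeof value === "object") {
    return "{" + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalize(value[k])).join(",") + "}";
  }
  return JSON.stringify(value);
}

// Bytes covered by the signature: the document minus the unsigned top-level fields.
function signedBytes(doc) {
  const body = {};
  for (const k of Object.keys(doc)) if (!UNSIGNED.has(k)) body[k] = doc[k];
  return Buffer.from(canonicalize(body), "utf8");
}

function signDoc(doc, privateKey, keyId) {
  const sig = crypto.sign(null, signedBytes(doc), privateKey); // Ed25519 takes no digest name
  return { ...doc, [SIG_FIELD]: { keyId, alg: "Ed25519", sig: sig.toString("base64") } };
}

function verifyDoc(doc, publicKey) {
  const s = doc[SIG_FIELD];
  if (!s || s.alg !== "Ed25519" || typeof s.sig !== "string") return false;
  return crypto.verify(null, signedBytes(doc), publicKey, Buffer.from(s.sig, "base64"));
}

// Constructed sample: sign a document, then simulate a server round trip.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const signed = signDoc({ _id: "note-1", title: "hello", tags: ["a", "b"], n: 1 }, privateKey, "key-1");
  // Same content after storage: different key order and an added _rev.
  const stored = { _rev: "1-abc", n: 1, tags: ["a", "b"], [SIG_FIELD]: signed[SIG_FIELD], title: "hello", _id: "note-1" };
  const tampered = { ...stored, title: "HELLO" };
  return { roundTrip: verifyDoc(stored, publicKey), tampered: verifyDoc(tampered, publicKey), unsigned: verifyDoc({ _id: "x" }, publicKey) };
}
```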
