verify_certificate function

Future<void> verify_certificate(

Map certificate

)

Verifies that a certificate is by the ic_root_key. Throws an Exception if the certificate is invalid.

Implementation

Future<void> verify_certificate(Map certificate) async {
    Uint8List treeroothash = construct_ic_system_state_tree_root_hash(certificate['tree']);
    Uint8List derKey;
    if (certificate.containsKey('delegation')) {
        Map legation_certificate = cbor_simple.cbor.decode(Uint8List.fromList(certificate['delegation']['certificate'])) as Map;
        await verify_certificate(legation_certificate);
        derKey = lookup_path_value_in_an_ic_certificate_tree(legation_certificate['tree'], pathbytes(['subnet', Uint8List.fromList(certificate['delegation']['subnet_id'].toList()), 'public_key']))!;
    } else {
        derKey = ic_root_key; }
    Uint8List blskey = derkeyasablskey(derKey);
    bool certificatevalidity = await bls12381.verify(Uint8List.fromList(certificate['signature'].toList()), Uint8List.fromList(createdomainseparatorbytes('ic-state-root').toList()..addAll(treeroothash)), blskey);
    // print(certificatevalidity);
    if (certificatevalidity == false) {
        throw Exception(':CERTIFICATE IS: VOID.');
    }
}

verify_certificate function

Implementation

ic_tools library