verification_result Class
namespace keychain → class verification_result
Overview
The verification_result class contains detailed information about cryptographic verification operations, including signature validation results, trust chain analysis, and verification metadata.
Class Hierarchy
namespace keychain {
class verification_result : public serializable {
// Cryptographic verification result with detailed information
};
}Constructor
verification_result();
verification_result(bool verified, const std::string& signer_did);
verification_result(const verification_result& other);Properties
Verification Status
bool is_verified() const;
void set_verified(bool verified);
bool is_signature_valid() const;
void set_signature_valid(bool valid);
bool is_trust_chain_valid() const;
void set_trust_chain_valid(bool valid);
bool has_warnings() const;
std::vector<std::string> get_warnings() const;
void add_warning(const std::string& warning);Core verification status and validation results.
Signer Information
std::string get_signer_did() const;
void set_signer_did(const std::string& did);
std::string get_signer_name() const;
void set_signer_name(const std::string& name);
std::string get_signer_public_key() const;
void set_signer_public_key(const std::string& public_key);
std::string get_signer_fingerprint() const;
void set_signer_fingerprint(const std::string& fingerprint);Information about the entity that created the signature.
Algorithm Details
signature_scheme get_signature_scheme() const;
void set_signature_scheme(signature_scheme scheme);
std::string get_algorithm_identifier() const;
size_t get_key_size_bits() const;
std::string get_hash_algorithm() const;
void set_hash_algorithm(const std::string& algorithm);Cryptographic algorithm information used for verification.
Timestamp Information
std::chrono::system_clock::time_point get_signature_timestamp() const;
void set_signature_timestamp(const std::chrono::system_clock::time_point& time);
std::chrono::system_clock::time_point get_verification_timestamp() const;
void set_verification_timestamp(const std::chrono::system_clock::time_point& time);
bool is_timestamp_valid() const;
void set_timestamp_valid(bool valid);Timing information for signature creation and verification.
Trust and Certificate Information
std::vector<std::string> get_certificate_chain() const;
void set_certificate_chain(const std::vector<std::string>& chain);
std::string get_trust_anchor() const;
void set_trust_anchor(const std::string& anchor);
bool is_self_signed() const;
void set_self_signed(bool self_signed);
std::string get_trust_level() const;
void set_trust_level(const std::string& level);Certificate chain and trust relationship information.
Methods
Verification Analysis
bool is_fully_verified() const;
bool has_any_errors() const;
std::vector<std::string> get_errors() const;
void add_error(const std::string& error);
std::string get_verification_summary() const;
double get_confidence_score() const;
void set_confidence_score(double score);Comprehensive verification analysis and confidence assessment.
Trust Chain Validation
bool validate_certificate_chain() const;
bool is_certificate_revoked() const;
bool is_certificate_expired() const;
std::chrono::system_clock::time_point get_certificate_expiration() const;
std::vector<std::string> get_certificate_validation_errors() const;Certificate chain validation and status checking.
Signature Analysis
std::vector<uint8_t> get_signature_bytes() const;
void set_signature_bytes(const std::vector<uint8_t>& signature);
std::string get_signed_data_hash() const;
void set_signed_data_hash(const std::string& hash);
bool verify_signature_integrity() const;Detailed signature analysis and integrity checking.
Policy Compliance
bool meets_policy_requirements() const;
std::vector<std::string> get_policy_violations() const;
void add_policy_violation(const std::string& violation);
std::string get_compliance_level() const;
void set_compliance_level(const std::string& level);Policy compliance checking and violation tracking.
Serialization
std::string to_json() const;
std::string to_xml() const;
std::vector<uint8_t> to_protobuf() const;
static verification_result from_json(const std::string& json);
static verification_result from_xml(const std::string& xml);
static verification_result from_protobuf(const std::vector<uint8_t>& data);Usage Examples
Basic Signature Verification
#include <keychain/keychain.h>
// Verify a signed document
void demonstrate_basic_verification() {
// Load signed document
keychain::verifiable_data signed_document = load_signed_document("contract.kc");
// Get signer's contact information
keychain::persona verifier = gateway.get_persona("alice", "legal");
keychain::contact signer = gateway.get_contact(verifier, "bob", "counterparty");
// Perform verification
auto verification_results = gateway.verify(verifier, signed_document);
for (const auto& result : verification_results) {
std::cout << "Verification Result:" << std::endl;
std::cout << " Verified: " << (result.is_verified() ? "YES" : "NO") << std::endl;
std::cout << " Signer: " << result.get_signer_name() << std::endl;
std::cout << " DID: " << result.get_signer_did() << std::endl;
std::cout << " Algorithm: " << result.get_algorithm_identifier() << std::endl;
std::cout << " Key size: " << result.get_key_size_bits() << " bits" << std::endl;
// Check signature timestamp
auto sig_time = result.get_signature_timestamp();
auto time_t = std::chrono::system_clock::to_time_t(sig_time);
std::cout << " Signed at: " << std::ctime(&time_t);
if (result.is_verified()) {
std::cout << " Status: SIGNATURE VALID" << std::endl;
} else {
std::cout << " Status: SIGNATURE INVALID" << std::endl;
auto errors = result.get_errors();
for (const auto& error : errors) {
std::cout << " Error: " << error << std::endl;
}
}
}
}Comprehensive Verification Analysis
// Perform detailed verification with trust chain analysis
void demonstrate_comprehensive_verification() {
keychain::verifiable_data important_document = load_critical_document("financial_report.kc");
keychain::persona auditor = gateway.get_persona("auditor", "compliance");
auto verification_results = gateway.verify(auditor, important_document);
for (const auto& result : verification_results) {
std::cout << "=== Comprehensive Verification Report ===" << std::endl;
std::cout << "Signer: " << result.get_signer_name() << std::endl;
std::cout << "DID: " << result.get_signer_did() << std::endl;
// Overall verification status
std::cout << "\nOverall Status:" << std::endl;
std::cout << " Fully Verified: " << (result.is_fully_verified() ? "YES" : "NO") << std::endl;
std::cout << " Confidence Score: " << result.get_confidence_score() << "/1.0" << std::endl;
// Signature validation
std::cout << "\nSignature Validation:" << std::endl;
std::cout << " Cryptographic Signature: " << (result.is_signature_valid() ? "VALID" : "INVALID") << std::endl;
std::cout << " Algorithm: " << result.get_algorithm_identifier() << std::endl;
std::cout << " Hash Algorithm: " << result.get_hash_algorithm() << std::endl;
// Trust chain analysis
std::cout << "\nTrust Chain Analysis:" << std::endl;
std::cout << " Trust Chain Valid: " << (result.is_trust_chain_valid() ? "YES" : "NO") << std::endl;
std::cout << " Self-Signed: " << (result.is_self_signed() ? "YES" : "NO") << std::endl;
std::cout << " Trust Level: " << result.get_trust_level() << std::endl;
std::cout << " Trust Anchor: " << result.get_trust_anchor() << std::endl;
// Certificate chain details
auto cert_chain = result.get_certificate_chain();
std::cout << " Certificate Chain Length: " << cert_chain.size() << std::endl;
for (size_t i = 0; i < cert_chain.size(); ++i) {
std::cout << " Cert " << i << ": " << cert_chain[i].substr(0, 50) << "..." << std::endl;
}
// Certificate status
std::cout << "\nCertificate Status:" << std::endl;
std::cout << " Certificate Expired: " << (result.is_certificate_expired() ? "YES" : "NO") << std::endl;
std::cout << " Certificate Revoked: " << (result.is_certificate_revoked() ? "YES" : "NO") << std::endl;
if (!result.is_certificate_expired()) {
auto cert_exp = result.get_certificate_expiration();
auto exp_time_t = std::chrono::system_clock::to_time_t(cert_exp);
std::cout << " Certificate Expires: " << std::ctime(&exp_time_t);
}
// Timestamp validation
std::cout << "\nTimestamp Validation:" << std::endl;
std::cout << " Timestamp Valid: " << (result.is_timestamp_valid() ? "YES" : "NO") << std::endl;
auto verification_time = result.get_verification_timestamp();
auto verify_time_t = std::chrono::system_clock::to_time_t(verification_time);
std::cout << " Verified at: " << std::ctime(&verify_time_t);
// Policy compliance
std::cout << "\nPolicy Compliance:" << std::endl;
std::cout << " Meets Policy: " << (result.meets_policy_requirements() ? "YES" : "NO") << std::endl;
std::cout << " Compliance Level: " << result.get_compliance_level() << std::endl;
auto policy_violations = result.get_policy_violations();
if (!policy_violations.empty()) {
std::cout << " Policy Violations:" << std::endl;
for (const auto& violation : policy_violations) {
std::cout << " - " << violation << std::endl;
}
}
// Warnings and errors
if (result.has_warnings()) {
std::cout << "\nWarnings:" << std::endl;
auto warnings = result.get_warnings();
for (const auto& warning : warnings) {
std::cout << " WARNING: " << warning << std::endl;
}
}
if (result.has_any_errors()) {
std::cout << "\nErrors:" << std::endl;
auto errors = result.get_errors();
for (const auto& error : errors) {
std::cout << " ERROR: " << error << std::endl;
}
}
// Summary
std::cout << "\nSummary: " << result.get_verification_summary() << std::endl;
}
}Policy-Based Verification
// Implement custom verification policies
class verification_policy_checker {
public:
static bool check_algorithm_policy(const keychain::verification_result& result) {
// Require strong algorithms only
auto scheme = result.get_signature_scheme();
// Reject weak algorithms
if (scheme == keychain::signature_scheme::RSASS_2048_PKCS1_SHA256) {
return false; // RSA-2048 considered weak
}
// Require minimum key size
if (result.get_key_size_bits() < 256) {
return false;
}
return true;
}
static bool check_timestamp_policy(const keychain::verification_result& result) {
if (!result.is_timestamp_valid()) {
return false;
}
// Reject signatures older than 1 year
auto sig_time = result.get_signature_timestamp();
auto now = std::chrono::system_clock::now();
auto age = std::chrono::duration_cast<std::chrono::hours>(now - sig_time);
return age <= std::chrono::hours(24 * 365);
}
static bool check_trust_policy(const keychain::verification_result& result) {
// Require valid trust chain (no self-signed certificates)
if (result.is_self_signed()) {
return false;
}
// Require high trust level
std::string trust_level = result.get_trust_level();
return trust_level == "HIGH" || trust_level == "ENTERPRISE";
}
static keychain::verification_result apply_policies(keychain::verification_result result) {
// Apply algorithm policy
if (!check_algorithm_policy(result)) {
result.add_policy_violation("Algorithm does not meet security requirements");
}
// Apply timestamp policy
if (!check_timestamp_policy(result)) {
result.add_policy_violation("Signature timestamp violates age policy");
}
// Apply trust policy
if (!check_trust_policy(result)) {
result.add_policy_violation("Trust chain does not meet enterprise requirements");
}
// Set compliance level
auto violations = result.get_policy_violations();
if (violations.empty()) {
result.set_compliance_level("COMPLIANT");
} else if (violations.size() <= 2) {
result.set_compliance_level("PARTIAL");
} else {
result.set_compliance_level("NON_COMPLIANT");
}
return result;
}
};
// Use policy checker
void demonstrate_policy_verification() {
keychain::verifiable_data policy_document = load_document("policy_test.kc");
keychain::persona policy_checker = gateway.get_persona("compliance", "officer");
auto raw_results = gateway.verify(policy_checker, policy_document);
for (auto result : raw_results) {
// Apply organizational policies
auto policy_result = verification_policy_checker::apply_policies(result);
std::cout << "Policy Verification Result:" << std::endl;
std::cout << " Signer: " << policy_result.get_signer_name() << std::endl;
std::cout << " Cryptographically Valid: " << policy_result.is_signature_valid() << std::endl;
std::cout << " Policy Compliant: " << policy_result.meets_policy_requirements() << std::endl;
std::cout << " Compliance Level: " << policy_result.get_compliance_level() << std::endl;
if (!policy_result.meets_policy_requirements()) {
std::cout << " Policy Violations:" << std::endl;
for (const auto& violation : policy_result.get_policy_violations()) {
std::cout << " - " << violation << std::endl;
}
}
}
}Batch Verification with Analytics
// Process multiple verification results for analytics
class verification_analytics {
private:
std::vector<keychain::verification_result> results;
public:
void add_result(const keychain::verification_result& result) {
results.push_back(result);
}
void generate_analytics_report() {
if (results.empty()) {
std::cout << "No verification results to analyze" << std::endl;
return;
}
std::cout << "=== Verification Analytics Report ===" << std::endl;
std::cout << "Total Verifications: " << results.size() << std::endl;
// Success rate analysis
size_t successful = 0;
size_t failed = 0;
for (const auto& result : results) {
if (result.is_verified()) {
successful++;
} else {
failed++;
}
}
double success_rate = static_cast<double>(successful) / results.size() * 100.0;
std::cout << "Success Rate: " << std::fixed << std::setprecision(1)
<< success_rate << "% (" << successful << "/" << results.size() << ")" << std::endl;
// Algorithm distribution
std::map<keychain::signature_scheme, size_t> algorithm_counts;
for (const auto& result : results) {
algorithm_counts[result.get_signature_scheme()]++;
}
std::cout << "\nAlgorithm Distribution:" << std::endl;
for (const auto& [algorithm, count] : algorithm_counts) {
double percentage = static_cast<double>(count) / results.size() * 100.0;
std::cout << " " << to_string(algorithm) << ": " << count
<< " (" << std::fixed << std::setprecision(1) << percentage << "%)" << std::endl;
}
// Trust level distribution
std::map<std::string, size_t> trust_counts;
for (const auto& result : results) {
trust_counts[result.get_trust_level()]++;
}
std::cout << "\nTrust Level Distribution:" << std::endl;
for (const auto& [level, count] : trust_counts) {
double percentage = static_cast<double>(count) / results.size() * 100.0;
std::cout << " " << level << ": " << count
<< " (" << std::fixed << std::setprecision(1) << percentage << "%)" << std::endl;
}
// Average confidence score
double total_confidence = 0.0;
for (const auto& result : results) {
total_confidence += result.get_confidence_score();
}
double avg_confidence = total_confidence / results.size();
std::cout << "\nAverage Confidence Score: " << std::fixed << std::setprecision(3)
<< avg_confidence << "/1.0" << std::endl;
// Policy compliance rate
size_t compliant = 0;
for (const auto& result : results) {
if (result.meets_policy_requirements()) {
compliant++;
}
}
double compliance_rate = static_cast<double>(compliant) / results.size() * 100.0;
std::cout << "Policy Compliance Rate: " << std::fixed << std::setprecision(1)
<< compliance_rate << "% (" << compliant << "/" << results.size() << ")" << std::endl;
// Common errors
std::map<std::string, size_t> error_counts;
for (const auto& result : results) {
for (const auto& error : result.get_errors()) {
error_counts[error]++;
}
}
if (!error_counts.empty()) {
std::cout << "\nMost Common Errors:" << std::endl;
// Sort by frequency
std::vector<std::pair<size_t, std::string>> sorted_errors;
for (const auto& [error, count] : error_counts) {
sorted_errors.emplace_back(count, error);
}
std::sort(sorted_errors.rbegin(), sorted_errors.rend());
for (size_t i = 0; i < std::min(sorted_errors.size(), size_t(5)); ++i) {
std::cout << " " << sorted_errors[i].first << "x: "
<< sorted_errors[i].second << std::endl;
}
}
}
};Integration with Audit Systems
// Log verification results for audit trails
class verification_audit_logger {
public:
static void log_verification(const keychain::verification_result& result,
const std::string& document_id) {
// Create audit record
nlohmann::json audit_record;
audit_record["timestamp"] = get_iso8601_timestamp();
audit_record["document_id"] = document_id;
audit_record["signer_did"] = result.get_signer_did();
audit_record["signer_name"] = result.get_signer_name();
audit_record["verified"] = result.is_verified();
audit_record["signature_valid"] = result.is_signature_valid();
audit_record["trust_chain_valid"] = result.is_trust_chain_valid();
audit_record["algorithm"] = result.get_algorithm_identifier();
audit_record["confidence_score"] = result.get_confidence_score();
audit_record["compliance_level"] = result.get_compliance_level();
// Add error details if any
if (result.has_any_errors()) {
audit_record["errors"] = result.get_errors();
}
// Add policy violations if any
if (!result.meets_policy_requirements()) {
audit_record["policy_violations"] = result.get_policy_violations();
}
// Add warnings if any
if (result.has_warnings()) {
audit_record["warnings"] = result.get_warnings();
}
// Write to audit log
write_to_audit_log(audit_record.dump());
// Send alerts for critical issues
if (!result.is_verified() || !result.meets_policy_requirements()) {
send_security_alert("Verification failure or policy violation", audit_record);
}
}
private:
static void write_to_audit_log(const std::string& record) {
// Implementation would write to secure audit system
std::cout << "AUDIT: " << record << std::endl;
}
static void send_security_alert(const std::string& message,
const nlohmann::json& details) {
// Implementation would send alert to security team
std::cout << "SECURITY ALERT: " << message << std::endl;
std::cout << "Details: " << details.dump(2) << std::endl;
}
};JSON Structure
{
"verification_status": {
"verified": true,
"signature_valid": true,
"trust_chain_valid": true,
"fully_verified": true,
"confidence_score": 0.95
},
"signer": {
"did": "did:keychain:alice.legal",
"name": "alice.legal",
"public_key": "04a1b2c3d4e5f6...",
"fingerprint": "sha256:abc123def456..."
},
"algorithm": {
"signature_scheme": "ECDSA_P256_SHA256",
"algorithm_identifier": "ecdsa-p256-sha256",
"key_size_bits": 256,
"hash_algorithm": "SHA-256"
},
"timestamps": {
"signature_timestamp": "2024-01-15T10:30:00Z",
"verification_timestamp": "2024-01-20T14:45:00Z",
"timestamp_valid": true
},
"trust": {
"certificate_chain": ["cert1...", "cert2..."],
"trust_anchor": "corporate_ca",
"self_signed": false,
"trust_level": "HIGH",
"certificate_expired": false,
"certificate_revoked": false
},
"policy": {
"meets_requirements": true,
"compliance_level": "COMPLIANT",
"violations": []
},
"warnings": [],
"errors": []
}Related Classes
-
verifiable_data - Signed data containers
-
attestation - Digital signatures with metadata
-
signature_scheme - Signature algorithms
-
persona - Identity for verification