Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As proposed at https://forum.getodk.org/t/form-spec-proposal-allow-signed-content-to-verified-using-form-logic/44228.
What has been done to verify that this works as intended?
New tests and verified manually using Extract.signed.form.xlsx (which includes a randomly generated public key) and the following QR code (which contains the message "real genuine data"):
Why is this the best possible solution? Were any other approaches considered?
The function signature is discussed at https://forum.getodk.org/t/form-spec-proposal-allow-signed-content-to-verified-using-form-logic/44228.
In terms of implementation, I did briefly look into using Java's build it crypto utilities, but it seemed like we'd need Java 15 for Ed25519 support and JavaRosa is still Java 8 compatible as far as I know. Using Bouncy Castle keeps that support in place. One ramification could be that it increases the size of binaries built suing JavaRosa (like Collect's APK).
How does this change affect users? Describe intentional changes to behavior and behavior that could have accidentally been affected by code changes. In other words, what are the regression risks?
Should just add the new function! Nothing else has really been touched (other than moving Base64 to a new helper).
Does this change require updates to documentation? If so, please file an issue here and include the link below.
getodk/docs#1723