From 77858ac8f48a2f433f76612166ed720587adce13 Mon Sep 17 00:00:00 2001 From: Awiteb Date: Thu, 4 Jul 2024 16:08:11 +0300 Subject: [PATCH] feat: Create `verify` instance function for the `Signature` Signed-off-by: Awiteb --- crates/oxidetalis_core/src/cipher.rs | 14 +++++--------- crates/oxidetalis_core/src/types/cipher.rs | 12 +++++++++++- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/crates/oxidetalis_core/src/cipher.rs b/crates/oxidetalis_core/src/cipher.rs index 9fefd47..2c7067b 100644 --- a/crates/oxidetalis_core/src/cipher.rs +++ b/crates/oxidetalis_core/src/cipher.rs @@ -107,7 +107,7 @@ impl K256Secret { } /// Sign a data with the shared secret. - /// + /// /// The signature is exiplained in the OTMP specification. pub fn sign_with_shared_secret(data: &[u8], shared_secret: &[u8; 32]) -> CoreSignature { let mut time_and_nonce = [0u8; 24]; @@ -209,22 +209,18 @@ impl K256Secret { Self::sign_with_shared_secret(data, &self.shared_secret(sign_to)) } - /// Verify a signature with the shared secret. + /// Verify the given signature with the signer. /// /// Note: /// The time and the nonce will not be checked here #[logcall] pub fn verify(&self, data: &[u8], signature: &CoreSignature, signer: &CorePublicKey) -> bool { - let mut hmac_secret = [0u8; 56]; - hmac_secret[0..=31].copy_from_slice(&self.shared_secret(signer)); - hmac_secret[32..=39].copy_from_slice(signature.timestamp()); - hmac_secret[40..=55].copy_from_slice(signature.nonce()); - - &hmac_sha256(data, &hmac_secret) == signature.hmac_output() + signature.verify(data, &self.shared_secret(signer)) } } -fn hmac_sha256(data: &[u8], secret: &[u8]) -> [u8; 32] { +/// Compute the HMAC-SHA256 of the given data with the given secret. +pub(crate) fn hmac_sha256(data: &[u8], secret: &[u8]) -> [u8; 32] { let mut mac = HmacSha256::new_from_slice(secret).expect("HMAC can take key of any size"); mac.update(data); mac.finalize().into_bytes().into() diff --git a/crates/oxidetalis_core/src/types/cipher.rs b/crates/oxidetalis_core/src/types/cipher.rs index 7f9019e..fffd4e3 100644 --- a/crates/oxidetalis_core/src/types/cipher.rs +++ b/crates/oxidetalis_core/src/types/cipher.rs @@ -31,7 +31,7 @@ use salvo_oapi::{ ToSchema, }; -use crate::cipher::CipherError; +use crate::cipher::{hmac_sha256, CipherError}; /// Correct length except message const CORRECT_LENGTH: &str = "The length is correct"; @@ -90,6 +90,16 @@ impl Signature { sig[40..=55].copy_from_slice(&self.nonce); sig } + + /// Verify the signature with the given shared secret. + pub fn verify(&self, data: &[u8], shared_secret: &[u8; 32]) -> bool { + let mut hmac_secret = [0u8; 56]; + hmac_secret[0..=31].copy_from_slice(shared_secret); + hmac_secret[32..=39].copy_from_slice(self.timestamp()); + hmac_secret[40..=55].copy_from_slice(self.nonce()); + + &hmac_sha256(data, &hmac_secret) == self.hmac_output() + } } /// Public key to base58 string