feat: Create verify instance function for the Signature

Signed-off-by: Awiteb <a@4rs.nl>
Awiteb 2024-07-04 16:08:11 +03:00
parent f4b2514e75
commit 77858ac8f4
Signed by: awiteb
GPG key ID: 3F6B55640AA6682F
2 changed files with 16 additions and 10 deletions


@ -209,22 +209,18 @@ impl K256Secret {
Self::sign_with_shared_secret(data, &self.shared_secret(sign_to)) Self::sign_with_shared_secret(data, &self.shared_secret(sign_to))
} }
/// Verify a signature with the shared secret. /// Verify the given signature with the signer.
/// ///
/// Note: /// Note:
/// The time and the nonce will not be checked here /// The time and the nonce will not be checked here
#[logcall] #[logcall]
pub fn verify(&self, data: &[u8], signature: &CoreSignature, signer: &CorePublicKey) -> bool { pub fn verify(&self, data: &[u8], signature: &CoreSignature, signer: &CorePublicKey) -> bool {
let mut hmac_secret = [0u8; 56]; signature.verify(data, &self.shared_secret(signer))
hmac_secret[0..=31].copy_from_slice(&self.shared_secret(signer));
hmac_secret[32..=39].copy_from_slice(signature.timestamp());
hmac_secret[40..=55].copy_from_slice(signature.nonce());
&hmac_sha256(data, &hmac_secret) == signature.hmac_output()
} }
} }
fn hmac_sha256(data: &[u8], secret: &[u8]) -> [u8; 32] { /// Compute the HMAC-SHA256 of the given data with the given secret.
pub(crate) fn hmac_sha256(data: &[u8], secret: &[u8]) -> [u8; 32] {
let mut mac = HmacSha256::new_from_slice(secret).expect("HMAC can take key of any size"); let mut mac = HmacSha256::new_from_slice(secret).expect("HMAC can take key of any size");
mac.update(data); mac.update(data);
mac.finalize().into_bytes().into() mac.finalize().into_bytes().into()


@ -31,7 +31,7 @@ use salvo_oapi::{
ToSchema, ToSchema,
}; };
use crate::cipher::CipherError; use crate::cipher::{hmac_sha256, CipherError};
/// Correct length except message /// Correct length except message
const CORRECT_LENGTH: &str = "The length is correct"; const CORRECT_LENGTH: &str = "The length is correct";
@ -90,6 +90,16 @@ impl Signature {
sig[40..=55].copy_from_slice(&self.nonce); sig[40..=55].copy_from_slice(&self.nonce);
sig sig
} }
/// Verify the signature with the given shared secret.
pub fn verify(&self, data: &[u8], shared_secret: &[u8; 32]) -> bool {
let mut hmac_secret = [0u8; 56];
hmac_secret[0..=31].copy_from_slice(shared_secret);
hmac_secret[32..=39].copy_from_slice(self.timestamp());
hmac_secret[40..=55].copy_from_slice(self.nonce());
&hmac_sha256(data, &hmac_secret) == self.hmac_output()
}
} }
/// Public key to base58 string /// Public key to base58 string
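Review bot: The new `Signature::verify` checks the tag with `&hmac_sha256(data, &hmac_secret) == self.hmac_output()`, and `==` on byte arrays is not guaranteed to run in constant time, so verification time can depend on how many leading bytes of a submitted tag are correct. The comparison was moved here unchanged from `K256Secret::verify`, and `hmac_sha256` is now `pub(crate)`, which makes the same pattern easy to repeat in other modules. Assuming `HmacSha256` is the RustCrypto `Hmac<Sha256>` alias, I would add a verifying helper beside `hmac_sha256` in the cipher module that ends with `mac.verify_slice(expected).is_ok()` rather than `mac.finalize().into_bytes().into()`, and call that helper here. The doc comment on this method should also repeat the caveat from the caller, for example `/// Note: the timestamp and the nonce are not checked here; the caller must validate freshness.`, since this is now a public entry point of its own.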